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THE  FUTURE  OF  MONEY,  PART  4 


TUESDAY,  JUNE  11,  1996 

U.S.  House  of  Representatives, 

Committee  on  Banking  and  Financial  Services, 

Subcommittee  on  Domestic  and 
International  Monetary  Policy, 

Washington,  DC. 

The  subcommittee  met,  pursuant  to  notice,  at  10:00  a.m.,  in  room 
2128,  Raybum  House  Office  Building,  Hon.  Michael  Castle 
[chairman  of  the  subcommittee]  presiding. 

Present:  Chairman  Castle,  Representatives  Lucas,  Metcalf, 
LoBiondo,  Watts,  Flake  and  Kennedy. 

Chairman  Castle.  The  subcommittee  will  come  to  order.  We  wel- 
come everybody  to  House  Banking  and  Financial  Services  Commit- 
tee Subcommittee  on  Domestic  and  International  Monetary  Policy. 

This  is  our  fourth  hearing  on  the  future  of  money  and  let  me,  at 
the  outset,  express  my  gratitude  to  Chairman  Jim  Leach,  chairman 
of  the  full  House  Banking  Committee,  for  permitting  us  to  continue 
with  our  hearing  this  morning  in  the  midst  of  the  Banking  Reform 
Act  mark-up. 

We  are  obliged  to  finish  in  time  for  the  full  Committee  mark-up 
to  reconvene  at  2:00,  so  I  ask  the  witnesses'  indulgence  if  I  seem 
to  move  the  hearing  along  briskly.  Actually,  we  try  to  move  the 
hearings  along  briskly  anyhow  and  hopefully  we'll  be  finished  long 
before  2:00  p.m. 

I  also  ask  the  Members'  indulgence  in  limiting  introductory 
statements  so  the  time  can  be  devoted  to  questions  of  the  wit- 
nesses. 

A  couple  of  ground  rules.  You're  hearing  the  buzzers.  Now  that 
means  that  we  re  going  into  session.  At  some  point  we  might  have 
votes,  although  I  would  hope  not.  Particularly  during  the  first 
panel,  I  don't  think  that  will  happen  but  if  that  happens,  we'll  have 
to  break  for  about  15  minutes,  go  and  vote  and  then  return. 

And  at  some  point  we'll  have  questions  and  I'll  go  over  some  of 
those  ground  rules  because  at  that  point  I  presume  that  more 
Members  will  show  up  who  may  wish  either  to  make  opening  state- 
ments or  to  ask  part  of  the  questions. 

I  see  we  have  a  soda  machine  here  in  the  room,  which  is  not  one 
of  the  usual  items  that  we  have.  I  have  here  some  credit  cards  in 
the  form  of  Kroners  and  stored  value  cards  and  whatever  it  may 
be.  Everything  here  has  been  cleared  by  the  Ethics  Committee  in 
terms  of  Members  of  Congress  participating  in  whatever  show  and 
tell  observations  we  have.  I  just  thought  everybody  should  note 
that. 

(1) 


We  welcome  Mr.  Flake,  who  is  the  ranking  Member  of  this  dis- 
tinguished subcommittee.  I'll  turn  to  him  in  just  a  moment  after 
I  finish. 

As  we've  noted  before,  the  subcommittee  is  in  no  rush  to  pass 
legislation  regulating  these  new  electronic  money  technologies  but 
prefers  to  focus  the  attention  of  the  industry,  Congress,  the  Admin- 
istration and  the  regulators  on  the  potential  of  these  new  financial 
technologies,  as  well  as  their  possible  pitfalls. 

The  subcommittee  will  continue  to  press  for  well-communicated 
industp^  staindards.  This  Congress  and  the  ones  to  follow  will  need 
to  devise  new  paradigms  to  describe  the  world  of  electronic  com- 
merce and  promote  a  better  understanding  of  the  whole  future  of 
money  universe. 

With  industry,  we  must  help  provide  the  American  public  with 
accurate  information  on  how  these  new  technologies  and  products 
may  give  them  more  financial  freedom  and  choices  in  purchasing 
goods  and  services,  as  well  as  improved  means  of  conducting  their 
normal  banking  and  financial  business. 

This  fourth  hearing  will  close  a  chapter  in  a  literal  sense,  as  we 
will  seek  to  have  the  first  four  reports  bound  into  a  single  volume. 
We  have  followed  this  subject  from  our  first  hearing  last  July  with 
the  entrepreneurs  who  are  behind  the  new  technologies.  In  October 
we  heard  from  potential  regulators  and  law  enforcement  authori- 
ties regarding  their  varying  levels  of  interest  and  concern  about 
these  systems. 

In  March  we  obtained  the  latest  insights  into  a  variety  of  bank- 
ing strategies  employing  or  reacting  to  these  innovations.  And  now 
we  will  learn  how  these  new  forms  of  electronic  money  will  stream 
across  international  borders  and  provide  a  mechanism  for  greatly 
increased  worldwide  commerce. 

I  recently  addressed  a  conference  at  the  CATO  Institute  on  the 
same  general  topic  as  these  hearings.  If  you  needed  any  confirma- 
tion, this  should  prove  that  cyberspace  affords  a  virtual  common 
ground  for  contrasting  philosophies.  That  conference  and  others  oc- 
curring with  increasing  frequency  turn  on  the  basic  concerns  for 
both  business  and  consumers  of  security,  privacy  and  an  adequate 
legal  theory  to  provide  a  foundation  for  enhanced  international 
commerce. 

Even  when  these  tou^h  questions  have  been  answered,  there  will 
remain  equally  thorny  mternational  problems  of  taxation,  common 
standards,  non-tariff  trade  barriers,  and  dispute  resolution  to  oc- 
cupy the  emerging  legal  specialties.  Nations  will  be  challenged  by 
the  need  to  either  develop  a  consistent  approach  to  both  virtual 
and  real  electronic  payment  systems  or  risk  being  left  by  the  side 
of  the  information  superhighway. 

Today  we  take  our  seminar  on  the  future  of  money  to  a  new  level 
of  sophistication  with  a  most  distinguished  list  of  witnesses.  On  the 
first  panel  we  have  three  European  chief  executive  officers  from 
companies  that  have  pioneered  new  and  often  quite  individual 
technologies:  Marc  Lassus,  Chairman  and  President,  GEMPLUS 
Card  Inc.,  the  world's  leading  manufacturer  of  computer  chip  cards; 
Tim  Jones,  CEO,  MONDEX,  a  United  Kingdom  venture  that  has 
created  an  extremely  versatile  payment  system  with  unique  hard- 
ware   and    software    capabilities;    and    Henning    Jensen,    CEO, 


DANMONT  A/S,  in  association  with  the  Royal  Danish  Government, 
one  of  the  first  large-scale  issuers  of  stored  value  cards. 

On  the  same  panel  we  also  have  executives  from  two  U.S.  compa- 
nies at  the  center  of  developments  in  electronic  commerce:  Denis 
Calvert,  Vice  President  and  General  Manager,  U.S.  Financial  Re- 
tail Markets,  VeriFone,  the  manufacturers  of  the  ubiquitous  point- 
of-sale  card  readers  and  verifiers;  and  Admiral  John  Donegan, 
Ph.D.,  Vice  President  for  Operations,  First  Virtual  Holdings,  Inc., 
a  company  that  pioneered  commerce  over  the  Internet  with  a  pay- 
ment system  that  does  not  require  separate,  sophisticated 
hardware  for  security. 

The  second  panel  will  feature  scholars  and  commercial 
innovators  who  are  testing  new  theories  and  innovative  applica- 
tions of  existing  models  with  regard  to  electronic  commerce  and 
digital  forms  of  money. 

Professor  Alan  F.  Westin  of  Columbia  University  Law  School  is 
a  leading^uthority  on  privacy  in  an  electronic  data  environment, 
having  published  his  first  book  on  the  subject  in  1972.  Jeffrey  B. 
Ritter  is  Program  Director,  Electronic  Commerce,  Law  and  Infor- 
mation Policy  Strategies,  acronym  ECLIPS,  and  has  left  private 
practice  to  devote  himself  to  full-time  research  in  these  areas.  And 
Elliott  McEntee  is  President  and  CEO,  National  Automated  Clear- 
ing House  Association,  which  has  devised  and  tested  strategies  for 
cross-border  wholesale  settlements  that  may  well  play  an 
important  role  in  international  retail  commerce. 

Finally,  David  Boyles,  Senior  Vice  President,  New  Business  Ven- 
tures Group,  Smart  Cards  and  Stored  Value  Center  of  Excellence, 
American  Express  Travel  Related  Services,  will  share  his  compa- 
ny's long  experience  with  commercial  substitutes  for  currency  and 
outline  some  of  their  strategy  for  the  future  of  money. 

And  before  turning  to  the  panel,  I  will  take  this  opportunity  to 
turn  to  Congressman  Floyd  Flake,  the  ranking  Member,  which 
means  that  he,  in  the  minority  party,  is  the  highest  ranking  Mem- 
ber, a  wonderful  partner  in  these  endeavors  we've  had  for  the  last 
year  and  a  half,  for  his  opening  comments. 

Mr.  Flake.  Thank  you  very  much,  Mr.  Chairman,  and  thank  you 
for  convening  this,  our  fourth  and  final  hearing  on  the  future  of 
money. 

By  bringing  the  relevant  partners  to  the  subcommittee  over  the 
past  year,  you've  enlightened  the  Banking  Committee,  the  Con- 
gress and  indeed,  the  whole  world  on  the  fascinating  aspects  of 
electronic  commerce.  More  than  bringing  an  intriguing  subject  to 
the  forefront,  you've  brought  important  policy  issues  to  this  sub- 
committee's attention  and  I  hope  all  of  our  colleagues  understand 
and  congratulate  you  on  your  commitment  to  this  particular  issue, 
since  it  will  have  ramifications  and  impact  in  the  future. 

Electronic  banking  and  its  ramifications  on  not  only  the  national, 
but  global  economy  are  real  issues  of  importance  to  the  Banking 
Committee,  its  members  and  to  all  of  our  constituencies. 

This  statement  will  outline  some  of  the  current  technology  that 
facilitates  electronic  banking  and  commerce  and  also  some  of  the 
security  and  regulatory  problems  that  these  new  technologies 
might  pose,  particularly  in  the  international  arena. 


I  will  initially  state  that  I  will  be  especially  concerned  about  the 
effects  of  new  technology  on  the  consumer  and  the  poor  segments 
of  society,  which  are  often  classified  as  underserved.  Too  often  in 
communities  like  the  one  that  I  represent,  there  is  a  dearth  of 
financial  services. 

Might  I  parenthetically  add  that  I  represent  one  of  the  highest 
income  predominantly  African -American  communities  in  the  nation 
and  yet  it  is  a  community  that  is  financially  underserved  to  the  de- 
gree that  banks  are  not  located  there  and  as  ATMs  being  placed, 
they're  still  not  being  placed  in  those  communities.  What  is  left  are 
non-banks  which,  in  some  instances,  unfairly  take  advantage  of 
this  lack  of  services. 

If  there's  a  dearth  of  services  in  communities  like  mine,  I  dare 
to  say  that  in  much  of  the  developing  world  the  conditions  could 
be  even  worse.  I  would  expect  that's  because  many  developing  na- 
tions lack  sound  economies,  payment  systems,  and,  in  the  new  de- 
mocracies, there  only  exist  fledgling  private  banking  systems. 

I  hope  to  hear  from  our  witnesses  some  explanations  of  how  they 
see  their  particular  products  being  used,  what  they  expect  to  see 
in  the  traditional  emerging  market,  as  well  as  in  other  developing 
economies,  as  well  as  what  is  necessary  to  protect  those  who  are 
part  of  America's  economy. 

We  also  have  concerns  about  privacy  issues,  so  we  will  listen 
with  interest  to  the  testimony  of  Dr.  Westin.  The  new  technology 
being  developed  has  the  capability  to  track,  among  other  things, 
consumer  spending  habits.  And,  as  I  look  at  my  monthly  bills  that 
result  from  the  cards,  I  think  this  is  extremely  important,  perhaps 
not  only  for  those  of  us  on  the  subcommittee  but  for  all  of  us. 

The  result  is  that  the  anonymity  that  some  consumers  enjoy  with 
cash  could  disappear  and  Congress  must  ask  what  sort  of  legisla- 
tive or  regulatory  regime  will  govern  privacy  as  we  move  to  new 
payment  products. 

Toward  that  end  I  will  ask  that  the  witnesses  comment  on  expe- 
riences in  international  efforts  to  protect  privacy  and  whether  any 
of  these  experiences  would  be  relevant  to  apply  here  in  the  United 
States. 

In  closing,  let  me  state  that  I  am  excited  about  these  new  pay- 
ment products.  We  are  concerned  about  privacy,  safety,  and  sound- 
ness and  the  universal  availability  of  this  new  technology,  to  see 
new  advantages  of  electronic  payment  methods.  The  prospect  of 
less  expensive  entitlement  payments,  which  are  safer  for  the  recipi- 
ents and  issuing  agencies,  is  of  great  interest  to  those  of  us  who 
seek  changes  in  the  many  social  programs  that  are  a  part  of  the 
landscape  of  this  nation. 

I  look  forward  to  hearing  from  each  and  every  one  of  you  and  I 
hope  that  as  we  come  to  the  concluding  hearing  on  this  process,  we 
might  be  able  to  move  forward  into  a  new  level  of  participation,  not 
only  in  the  information  age,  but  cyberspace  as  it  relates  to  cards. 

Thank  you  very  much,  Mr.  Chairman.  I  look  forward  to  hearing 
the  testimony  of  our  witnesses. 

Chairman  Castle.  Thank  you  very  much,  Mr.  Flake. 

You  may  have  noticed  these  little  lights.  It  may  alarm  you.  If  the 
red  one  goes  on,  you  don't  get  electrocuted  or  anything  like  that. 


The  green  light  indicates  you're  in  a  4-minute  cycle  and  the  yellow, 
1  minute  extra.  Then  the  red  light  goes  on. 

You  will  not  be  held  to  that  but  it  gives  you  a  rough  idea  of  the 
time  limit,  so  we  can  try  to  work  through  this  panel  and  another 
panel.  At  some  point  you  can  start  thinking  about  wrapping  up 
what  you  are  sajring. 

So  with  that,  we  are  ready  to  proceed.  Mr.  Lassus,  we're  pleased 
to  have  you  here.  We  imderstand  you  had  a  difficult  journey  and 
we're  pleased  to  have  you.  We'll  start  with  you,  sir. 

STATEMENT  OF  MARC  LASSUS,  CHAIRMAN  AND  PRESIDENT 
DIRECTEUR  GENERAL,  GEMPLUS  CARD  INC. 

Mr.  Lassus.  Good  morning,  Mr.  Chairman  and  members  of  the 
subcommittee,  ladies  and  gentlemen.  It  is  a  great  honor  to  speak 
with  you  today  at  these  hearings  on  the  future  of  money.  You  have 
invited  me  here  to  share  my  experience  in  the  stored  value  card 
arena  and  in  electronic  commerce  internationally. 

I  am  Marc  Lassus,  Chairman  and  Founder  of  GEMPLUS,  a  com- 
pany incorporated  in  Gemenos,  Southeast  of  France.  Currently  the 
company  is  the  world  leader  in  Smart  cards  or  microcomputer  cir- 
cuit cards,  with  a  worldwide  market  share  of  approximately  40  per- 
cent. GEMPLUS  will  manufacture  this  year,  in  1996,  300  million 
Smart  cards,  all  of  them  with  microcomputers,  and  its  revenue  will 
approach  $500  million. 

The  company  operates  manufacturing  plants  in  France,  Grer- 
many,  United  Kingdom,  Netherlands,  United  States,  and  just 
opened  two  new  plants  in  Mexico  and  China. 

Since  its  foundation  just  7  years  ago  GEMPLUS  has  participated 
in  an  explosion  of  the  worldwide  market  of  Smart  cards  with  a 
sustained  annual  growth  of  50  percent. 

The  major  market  segments  using  Smart  cards  today  are  public 
telephony,  digital  cellular  wireless  telephony,  banking,  health  care, 
government  entitlement  programs,  electronic  benefit  transfer,  pay 
TV  cable  and  satellite,  gaming,  transportation,  and  so  forth. 

The  sale  of  Smart  cards  per  geographic  area  are  approximately 
60  percent  in  Europe,  15  percent  in  Asia  and  Middle  East,  15  per- 
cent in  Latin  America  and  10  percent  only  for  the  rest  of  the  world, 
including  North  America. 

As  a  witness  of  what  is  happening  on  the  world  scene,  I  would 
like  to  share  with  you  what  I  believe  are  the  key  parameters  ex- 
plaining the  success  of  this  new  product  worldwide.  I  would  like 
also  to  review  the  environmental  influences  such  as  business  cul- 
ture, sociology,  regulations  explaining  the  approach  taken  by 
different  countries. 

But,  above  all,  I  would  like  to  investigate  with  you  what  role 
could  be  played  by  electronic  money  in  our  future  and  what  are, 
in  our  opinion,  the  formidable  challenges  ahead  of  us,  and,  more 
precisely,  for  your  great  country  playing  a  leading  role  on  the  world 
scene. 

Why  are  Smart  cards  so  successful  in  the  world?  Outside  very 
large  volume  applications,  such  as  public  telephony — 90  coimtries 
in  the  world  today  use  Smart  cards  for  telephony;  health  care;  all 
German  people  carry  a  health  care  card  in  their  pocket — pay  TV; 


electronic  benefit  transfer  and  transportation.  Electronic  commerce 
using  Smart  cards  is  taking  high  momentum  in  many  countries. 

This  new  payment  mechanism  gives  clear  benefits  to  merchants 
and  consumers,  reducing  cash  handling  expenses  and  losses  due  to 
fraud,  speeding  customer  transactions  at  the  check-out  counter, 
and  enhancing  customer  convenience  and  safety. 

Today  50  countries  in  the  world  are  engaged  in  electronic  purse 
programs,  among  them  Germany,  Singapore,  Australia,  Hong 
Kong,  Russia,  Republic  of  South  Africa,  Portugal,  and  so  forth. 

Another  significant  advantage  of  Smart  cards  is  the  fact  that 
they  allow  to  run  multi-application  systems  and  royalty  programs 
in  parallel,  within  the  same  silicon  microcomputer  chip.  None  of 
the  existing  technologies,  such  as  magnetic  stripe  cards,  can 
securely  offer  these  functions. 

Smart  cards  represent  also  an  excellent  vehicle  toward  more 
equality  and  democracy.  In  the  Republic  of  South  Africa,  for  exam- 
ple. Smart  card  programs  are  aimed  at  giving  access  to  the  un- 
banked  population  to  enhanced  banking  technologies  while 
solving  critical  security  problems. 

There  are  also  important  projects  under  pilot  utilizing  electronic 
purses  for  purchases  and  government  entitlement  programs  giving 
the  recipients  equal  access  while  eliminating  abuses  and  fraud. 

These  important  programs  which  are  developed  all  over  the 
world  today  are  done  almost  independently  from  any  regulation  or 
even  outside  any  real  attempt  at  standardization.  However,  in  most 
of  the  cases  local  banks  are  active  partners  for  these  programs. 

In  this  respect  the  Working  Group  on  European  Community  Pay- 
ment Systems  has  made  the  following  recommendations.  I'm 
quoting:  "The  European  central  banks  will  not  interfere  in  the  de- 
ployment of  new  payment  systems.  The  central  banks  will  let  pri- 
vate initiative  and  the  market  decide  what  are  the  most  suitable 
pajnnent  systems  for  the  consumers. 

"However,  the  European  central  banks  will  monitor  closely  the 
development  of  electronic  purse  applications,  especially  when  relat- 
ed to  security  issues. 

"The  European  central  banks  intend  to  work  closely  with  other 
central  banks  outside  the  European  Community." 

To  conclude,  on  the  regulatory  side,  a  lot  of  flexibility  is  given  so 
far  to  private  initiatives  in  the  field  of  Smart  card  usage  for  elec- 
tronic commerce  in  Europe  and  in  many  countries. 

What  could  happen  in  the  future?  We  do  believe  that  de  facto 
standards  will  develop  on  a  worldwide  basis,  such  as  MONDEX, 
DANMONT,  BANKSYS,  and  so  forth.  Initiatives  taken  by  VISA, 
MasterCard  and  EuroPay  to  develop  a  common  set  of  specifications 
will  come  to  fruition. 

Banks  have  indeed  a  major  new  opportunity  to  participate  in  low 
cash  value  transactions — vending,  transportation,  parking,  and  so 
forth. 

Electronic  purse  applied  to  mass  transit  through  automated  fare 
card  systems  will  give  to  the  banks  a  privileged  way  to  reach 
relatively  poor  and  un-banked  populations. 

This,  nowever,  is  a  big  risk  for  the  traditional  financial  institu- 
tions. Indeed,  companies  controlling  networks,  such  as  telecom  op- 
erators, cable  TV  companies,  wireless  services  companies,  will  have 


a  magnificent  window  of  opportunity,  offered  by  modern  tech- 
nologies, to  jump  into  the  financial  service  bandwagon. 

Smart  cards  will  be  able  to  bring  transaction  security  and  pay- 
ment means  to  many  existing  distributed  terminals.  By  the  year 
2000,  300  million  cellular  telephone  subscribers  will  have  access  to 
digital  networks  offering  financial  transaction  capabilities.  Several 
hundred  million  personal  computer  users  will  have  secured  elec- 
tronic commerce  capabilities  through  Smart  cards  with  modem, 
keyboard  and  Smart  card  interface  capabilities.  A  billion  people 
will  be  able  to  use  Smart  card  public  telephones  for  electronic 
transactions. 

It  could  happen  that  banks  and  financial  institutions  would  not 
be  the  preferred  operators  for  these  networks.  It  is  imperative  in 
this  respect  that  banks  find  themselves  on  equal  footing  in  this 
new  industry  as  it  evolves. 

Finally,  on  the  security  issues,  government  has  a  major  role  to 
play  and  there's  a  need  for  very  strong  international  cooperation. 
Transaction  data  must  be  handled  in  a  highly  secure  manner  that 
can  be  auditable  for  any  government.  The  success  of  international 
electronic  commerce  is  at  stake. 

Smart  card  base  encrjrption  techniques  offer,  in  our  opinion,  a 
very  efficient  and  economical  way  to  guarantee  electronic  trading 
integrity,  especially  on  the  Internet,  where  lack  of  security  is  seen 
as  a  major  impediment  to  trade. 

A  consortium  known  as  the  International  Cryptography  Frame- 
work, ICF,  comprising  corporations  such  as  Hewlett  Packard, 
Informix  and  GEMPLUS,  has  proposed  to  the  United  States  Na- 
tional Security  Administration,  NSA,  a  hardware-based  encryption 
technique,  which  level  of  security  is  determined  by  government-is- 
sued Smart  cards  on  a  country-by-country  basis.  This  proposal  is 
presently  under  evaluation. 

Mr.  Cnairman  and  members  of  the  subcommittee,  I  would  like  to 
thank  you  for  your  invitation,  which  again  is  a  great  honor  and 
very  flattering  for  all  the  people  of  my  young  company. 

As  a  general  conclusion,  I  just  would  like  to  say  that  Smart  cards 
are  there  for  the  best,  I  believe,  of  the  human  society — communica- 
tion, education,  health  care,  social  benefits,  modern  transactions. 
We  are  convinced  that  the  best  policy  for  any  government  and  for 
the  development  of  this  new  industry  is  to  apply  a  monitoring 
activity  and  not  a  regulating  activity. 

Ladies  and  gentleman,  thank  you  very  much  for  your  attention. 

Chairman  Castle.  Thank  you  very  much,  Mr.  Lassus. 

We  welcome  Mr.  Lucas  and  Mr.  Metcalf,  who  have  joined  us,  and 
Mr.  Kennedy,  who  joined  us  for  a  moment  and  has  left  for  a 
moment. 

We  now  turn  to  Mr.  Jones  for  his  testimony. 

STATEMENT  OF  TIM  JONES,  CHIEF  EXECUTIVE  OFFICER, 

MONDEX 

Mr.  Jones.  Thank  you,  Mr.  Chairman.  Good  morning,  Mr.  Chair- 
man and  members  of  the  subcommittee,  ladies  and  gentlemen. 
Thank  you  very  much  for  inviting  me  to  speak  to  you  this  morning. 

My  name  is  Tim  Jones.  I'm  the  Chief  Executive  of  MONDEX,  an 
initiative  owned  by  the  National  Westminster  Bank,  PLC,  so  I 
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bring  you  the  greetings  of  my  chairman,  Lord  Alexander  of 
Weedon,  and  the  board  of  NatWest  Bank. 

NatWest  is  a  large  financial  services  group  with  businesses  in  re- 
tail banking,  principally  in  the  United  Kingdom.  And  in  the  United 
Kingdom  we  are  a  very  large  bank  with  millions  of  personal  cus- 
tomers and  millions  of  plastic  cards  of  various  types  in  issue. 

We  have  played  and  continue  to  play  a  leading  role  in  the  evo- 
lution and  management  of  payment  systems  on  a  national  scale 
and  on  a  global  scale.  We  are,  for  example,  represented  directly  on 
the  boards  of  EuroPay  International  and  MasterCard  International, 
and  we  also  have  a  substantial  VISA  card  issuing  business. 

What  I'd  like  to  do  for  a  few  minutes  this  morning  is  explain  to 
you  where  MONDEX,  this  digital  cash  initiative,  came  from  and 
what  our  aspirations  for  it  are. 

In  the  late  1980's,  we  were  in  the  United  Kingdom  recovering 
from  a  major  piece  of  competitive  activity  surroimding  the  intro- 
duction of  debit  cards.  This  was  the  second  big  discontinuity  or 
change,  if  you  like,  in  the  card  market  in  the  United  Kingdom,  the 
first  one  having  been  the  introduction  in  the  late  1960's  of  credit 
cards  and  charge  cards. 

When  we  came  to  review  the  situation  after  the  introduction  of 
debit  cards,  I  was  asked  to  look  into  the  future  and  to  see  whether 
there  might  be  another  major  change  or  discontinuity  ahead  of  us 
and,  if  so,  to  see  whether  NatWest  could  get  onto  the  front  foot  and 
become  active  in  shaping  and  defining  this  next  transformation. 

In  partnership  with  a  colleague,  Graham  Higgins,  it  became  clear 
that  stored  value  cards  could  well  represent  another  major  dis- 
continuity because  the  market  for  physical  money,  for  cash  trans- 
actions, is  enormous,  even  though  the  credit,  charge  and  debit 
cards  have  made  substantial  inroads  into  it  and  have  yet  further 
to  go  as  they,  as  products,  mature. 

After  a  year  of  being  unsuccessful  in  our  search  for  what  we  con- 
sidered to  be  the  appropriate  architecture  for  a  stored  value  system 
Graham  and  I  were  fortimate,  in  a  meeting  in  March  1990,  to  come 
up  with  the  architecture  for  MONDEX,  and  it's  on  the  second  of 
March  1990  that  this  initiative  began. 

We  are,  therefore,  over  6  years  old.  And  so  although  this  is  a  new 
activity  for  us,  we've  been  at  this  now  for  some  time. 

That  was  a  Friday.  And  when  Graham  and  I  came  back  into  the 
office  on  Monday,  the  fifth  of  March,  we  concluded  that  this  initia- 
tive, if  we  were  to  pursue  it,  should  be  global.  And  the  reason  for 
that  was  that  we  felt  that  there  was  a  clear  customer  utility  in  the 
product  being  global,  with  a  multiple  currency  capability,  and  that 
therefore  if  we  didn't  do  this  one  on  a  global  basis,  we  would  prob- 
ably get  taken  out  by  competitors  who  would  come  after  us,  who 
would  pursue  the  initiative  as  a  global  product. 

And  so,  from  the  very  outset  of  MONDEX,  it  has  been  designed 
to  be  global.  It  has  been  designed  to  handle  multiple  currencies  and 
indeed,  this  card  has  on  it  some  prototype  quantities  of  yen,  French 
Franc,  Deutsche  mark.  United  States  dollar,  and  Pound  Sterling  to 
illustrate  the  point. 

Having  a  global  design  from  the  outset  meant  that  we  had  to  ad- 
dress a  number  of  important  issues,  such  as  how  do  people  who  do 
not  share  a  language,  how  do  those  people  share  a  transaction? 


And  so  we  have  developed  a  set  of  symbols.  We  call  them  the 
MONDEX  motorway  symbols.  There's  a  symbol  for  balance  and  a 
symbol  for  statement  and  a  symbol  for  locking,  to  help  people  who 
don't  share  a  language  nevertheless  conclude  successfully  an  elec- 
tronic money  transaction. 

We've  worked  hard  on  all  of  the  technical  and  marketing  and 
legal  and  regulatory  aspects  of  MONDEX  over  these  6  years  and 
we've  done  that  in  partnership  with  a  number  of  leading  corpora- 
tions around  the  world. 

We're  now  in  the  process  of  selling  franchises  for  the  product  in 
major  economies  in  the  world  and  gathering  together  in  that  proc- 
ess a  group  of  leading  financial  institutions  to  be  our  partners  and 
shortly  co-owners  of  a  new  company  to  be  formed,  which  will  be 
called  MONDEX  International  Limited.  This  company  will  then 

fjovem  the  future  evolution  of  MONDEX.  NatWest,  if  you  like,  will 
ose  control  of  its  baby,  on  purpose,  because  it  would  not  be  appro- 
priate or  sensible  for  one  bank  in  one  country  to  seek  to  control  and 
manage  a  product  that  is  global  in  scope  going  forward. 

I'd  Tike  to  conclude  my  remarks  by  talking  about  the  scope  of 
MONDEX.  MONDEX  has  a  number  of  features,  such  as  the  ability 
to  limit  the  value  that  can  be  held  in  any  currency  on  any  purse, 
and  by  doing  so,  we  can  restrict  the  scope  of  the  product  in  the 
early  years  of  MONDEX  to  relatively  low  value  transactions  in 
physical  commerce — that's  in  shops — and  also  in  electronic  com- 
merce— ^for  example,  over  the  Internet. 

But  the  product  is  architected  to  allow  for  higher  value  transfers, 
say  between  corporations  or  between  banks,  and  we  will  wait  and 
see,  as  the  initiative  evolves,  how  those  things  might  be  taken 
forward. 

We  therefore  can  work  with  regulators  and  supervisors  now  to 
address  the  issues  for  MONDEX  working  in  its  first  proposed  role 
as  an  essentially  low  value  retail  payments  product  and  develop 
later  solutions  for  the  way  the  product  might  work  in  high  values. 

We  are  working  hard  to  bring  MONDEX  to  the  Internet  and  we 
hope  to  have  an  Internet  variant  or  an  Internet  solution  available 
next  year. 

Let  me  just  show  you  one  sense  of  where  the  product  is  going  by 
reference  to  the  cellphone,  which  Mr.  Lassus  has  already  men- 
tioned. This  is  a  European  digital  format  cellular  telephone  that 
obeys  the  GSM  standards  and  it  is  rendered  personal  to  me — it  be- 
comes my  cellphone  by  the  use  of  a  chip  card.  The  concept  that 
we're  working  on  is  that  we'll  place  a  MONDEX  purse  alongside 
the  cellular  application  on  that  single  chip.  That,  then,  allows  this 
machine  to  become  my  personal  cash  dispenser  because  I  can 
phone  the  bank  and  draw  value  down  into  the  internal  chip  that's 
in  this  device. 

In  this  MONDEX  wallet  there's  a  card  slot  at  the  top,  a  semi- 
insertion  card  slot,  and  we  could  build  a  slot  such  as  this  into  the 
side  of  the  cellphone.  Now  I  can  transfer  value  out  of  the  internal 
card  into  this  card  and  spend  in  shops. 

It's  also  capable  of  working  as  a  point-of-sale  device  because  any- 
body's card  could  be  placed  into  that  side-on  card  slot  to  pay  money 
into  the  internal  device.  And  then,  at  the  end  of  a  period  of  trading, 
I  can  use  it  as  a  bank  depositing  device  by  phoning  the  bank  and 
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sending  money  back  into  the  banking  system  over  the  cellular  net- 
work. 

So  that's,  if  you  like,  a  vision,  although  not  very  far  in  the  dis- 
tant ftiture,  where  the  cellular  telephone  takes  on  the  role  of  both 
cash  dispenser  and  point-of-sale  terminal  and  broadens  its  use. 
And  that's  a  relatively  high-tech  implementation  of  MONDEX.  But, 
to  get  started  with  MONDEX,  really  all  you  need  is  a  card  and  a 
balance  reader  to  tell  you  how  much  value  is  left  on  your  card.  And 
because  public  pay  phones,  suitably  adapted,  can  also  become  cash 
dispensers  in  the  world  of  electronic  money,  this  provides  for  a  vepr 
inexpensive  opportunity  for  everyone  in  society  to  participate  in 
electronic  money. 

Just  finally,  because  MONDEX  is  a  multi-currency  architecture, 
we  can  cope  with  proposed  new  currencies,  such  as,  in  Europe,  the 
Euro,  but  we  could  also  consider  the  introduction  of  currencies,  for 
example,  a  benefits  recipient  currency  alongside  the  standard  cur- 
rency for  a  country.  In  our  architecture  it  would  be  one  more  cur- 
rency and  could  sit  alongside  the  principal  currency  for  that  coun- 
try. 

Thank  you  very  much  indeed. 

[The  prepared  statement  of  Mr.  Tim  Jones  can  be  found  on  page 
62  in  the  appendix.] 

Chairman  Castle.  Thank  you,  Mr.  Jones.  I  think  some  of  us  up 
here  are  a  little  worried  about  the  human  foibles  and  weaknesses 
of  spending  money.  You're  making  it  a  little  bit  too  simple.  Maybe 
you  ought  to  slow  down  a  little  bit. 

Mr.  Watts  and  Mr.  LoBiondo  have  joined  us  in  between  speakers 
here  and  we  welcome  them  aboard,  as  well. 

Mr.  Jensen. 

STATEMENT  OF  HENNING  N.  JENSEN,  CEO,  DANMONT  A/S 

Mr.  Jensen.  Dear  Mr.  Chairman,  I  want  to  thank  the  sub- 
committee for  inviting  DANMONT  to  testify  in  this  hearing.  We 
are  a  50/50  percent  owned  company,  50  percent  by  the  banking 
community  and  50  percent  by  the  telephone  companies  in 
Denmark. 

We  have  introduced  the  first  broadly  accepted  stored  value  card 
in  the  world  and  our  company  only  has  one  goal,  to  replace  coins, 
and  we're  doing  that  in  more  than  60  cities  all  over  Denmark 
today. 

It's  also  important  to  notice  that  the  average  transaction  in  the 
svstem  is  one  and  a  half  U.S.  dollar.  So  we  are  not  trying  to  replace 
the  debit  card;  we're  not  trying  to  replace  credit  cards.  We  are  an 
additional  product  to  what  the  banking  community  has  offered  for 
years. 

In  1995  we  sold  the  license  to  VISA  International,  who  run  the 
system  under  the  name  of  VISA  Cash  under  the  upcoming  Olym- 
pics in  Atlanta. 

I'm  not  going  to  talk  about  the  future — it  seems  like  everybody 
else  wants  to  do  that  today — but  only  talk  about  what  we  have  in 
Denmark  already  in  operation.  Very  shortly  I  will  show  you  some 
of  the  features. 

But  I  also  want  to  remind  you  that  nearly  all  transactions,  some 
people  saying  up  to  99  percent  of  all  transactions,  take  place  within 
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30  miles  of  your  home.  So  we're  not  an  international  company. 
We're  trying  to  solve  a  Danish  problem  for  the  Danish  population. 
And  that  leaves  1  percent  of  the  transactions  for  international  use 
later,  and  we're  going  to  solve  that  one  day  in  the  future. 

I  did  not  have  an  opportunity  to  bring  all  our  equipment  with  me 
due  to  the  limitations  on  the  plane  but  I  could  bring  some  slides. 
First  of  all,  you  can  buy  a  card  like  this  anywhere  in  Denmark — 
in  bank  branches,  post  offices,  convenience  stores,  petrol  stations — 
and  it's  wrapped.  It's  wrapped  so  the  consumer  is  sure  that  the 
value  is  on  the  card  which  is  printed  on  the  front.  It's  wrapped  so 
we  can  give  the  cardholder  information  printed  on  the  back.  You 
just  unwrap  it  and  you're  ready  to  go. 

You  might  have  noticed  that  some  of  them  have  advertising  on 
them,  so  for  the  first  time  it  seems  like  notes  can  be  used  for  adver- 
tising, and  we're  selling  that  pretty  well.  The  cardholder  informa- 
tion and  the  sealing  is  all  done  for  consumer  protection. 

Now  we're  ready  to  go  around  Copenhagen.  You  can  use  it  for 
parking.  This  is  a  pay-in-place  system  which  is  used  in  downtown 
Copenhagen.  You  can  also  use  coins  in  these  machines. 

We  have  vending  machines.  Either  they're  for  coins  or  they're 
card-operated.  Newspaper  dispensing  machines — only  card-oper- 
ated. Telephones — half  of  them  are  card-operated;  the  other  half  is 
coin-operated. 

Mass  transit  ticketing  machines — ^you  can  use  coins  and  cards  in 
between  each  other.  Post  stamp  issuing  machines — ^you  can  use 
coins  or  cards  in  these  machines,  as  you  like,  and  you  can  issue 
any  stamp  with  any  value  you  like,  up  to  $20. 

It's  difficult  to  see  it  but  this  is  the  latest  within  the  post  office. 
It's  a  telephone,  a  fax  machine,  a  stamp-issuing  machine  and  a 
photocopying  machine.  Also,  this  Saturday  they  added  Internet  to 
this  wall  of  self-service,  which  is  coming  in  more  than  half  of  the 
post  offices  in  Denmark  within  the  next  5  years. 

We  also  are  able  to  recharge  your  electrical  car  because  other- 
wise you  won't  get  home  from  downtown  Copenhagen,  but  it  can 
only  be  done  on  your  card. 

And,  of  course,  we  have  terminals  for  self-environment  or 
manned  environment.  But,  as  you  might  notice,  the  majority  of  this 
has  been  self-service  environments  because  we  don't  want  to  com- 
pete with  debit  and  credit  cards. 

The  system  is  an  open  system  or  a  multi-purpose  system,  which 
means  that  DANMONT  is  in  the  center  of  it  and  it  could  have  been 
the  central  bank.  The  system  was  offered  to  the  central  bank  but 
they  did  not  want  to  take  on  this  technology  challenge  and  they 
allow  the  banks  and  the  telephone  company  to  do  it. 

That  means  that  anyone  who  can  be  a  card  issuer  on  the  right- 
hand  side  does  not  have  to  be  a  service  provider.  So  you  can  issue 
cards  without  being  a  service  provider.  And,  on  the  left-hand  side, 
you  can  be  a  service  provider  without  issuing  cards.  That's  why  we 
call  it  an  open  system. 

The  advantages  to  the  service  provider  is  mainly  that  they're  get- 
ting less  vandalism.  A  lot  of  people,  apparently  on  Friday  and  Sat- 
urday night,  want  to  get  hold  of  cash  so  they  can  buy  beer  and 
other  things  in  town.  That's  not  the  problem  in  itself.  It's  a  lot 
worse  what  it  costs  to  repair  the  machine.  So  that's  why  the  service 
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providers  are  keen  on  getting  these  systems  installed  all  over  the 
country. 

There  are  other  advantages,  like  increased  sales,  reduced  insur- 
ance costs,  easy  administration,  since  it's  all  electronic,  improved 
statistics,  and  long-term,  they  will  get  cheaper  transactions  for 
small  amounts. 

To  the  consumer  we  can  only  find  one  word;  that's  convenience. 
The  consumer  would  not  accept  this  if  it  was  not  convenient  to  the 
consumer.  The  consumer  wants  one  card  for  all  the  services  they're 
using  every  day,  including  cafeteria,  including  laundry,  including 
wherever  they  go.  So  you  can  say  a  lot  of  other  things  but  it  all 
boils  down  to  convenience. 

Consumer  protection  was  a  great  issue  when  we  started  this  sys- 
tem up  so  we  agreed  with  the  consumer  ombudsmen  and  the 
Consumer  Association  in  Denmark  that  there's  a  whole  lot  of  issues 
you  had  to  go  through — whether  you  need  a  PIN  or  you  don't  need 
a  PIN.  We  optioned  for  no-PIN  because  it's  small  amounts.  If  you 
drop  the  card,  somebody  else  picks  it  up  and  they  will  use  it, 
exactly  what  happens  with  your  coins. 

Somebody  says  there  should  be  a  blacklisting  possibility.  We  had 
to  admit  that  that's  not  possible  with  coins  or  notes,  and  it's  costing 
too  much  and  it  doesn't  give  any  additional  protection,  which  is 
worse. 

There  has  to  be  a  maximum  value  and  we  had  to  say  that  the 
Parliament,  on  April  22,  this  year,  passed  a  law  saying  that  you're 
allowed  to  make  these  cards  in  Denmark  with  a  maximum  value 
of  200  U.S.  dollars,  similar  to  U.S.  dollars. 

There  should  be  a  display  on  all  terminals  so  you  can  see  what 
is  the  remaining  balance  on  your  card  before  and  after  you  have 
used  it,  so  you  can  see  it's  deducted  correctly.  There's  an  Accept 
button,  so  you're  not  deducted  just  by  passing  or  just  by  doing,  just 
by  inserting  the  card.  You  actively  have  to  press  the  Accept  button. 

Split  payment  means  that  you  should  be  able  to  split  a  payment 
over  several  cards  or  between  cards  and  coins.  It  should  be  possible 
to  refund  the  balance.  You  just  mail  us  the  card  and  you  will  get 
the  remaining  balance  paid.  Our  telephone  number  is  on  the  back 
so  any  consumer  always  knows  where  to  phone  if  they  have  a  ques- 
tion. And,  for  security  reasons,  there's  an  expiration  date  on  this 
system,  on  all  cards. 

There  were  several  legal  issues  we  looked  into.  First  of  all,  I  have 
to  admit  that  these  issues  are  different  country  by  country.  I  think 
that  goes  for  every  country  in  Europe.  It  also  goes  here.  But  is  pub- 
lic authorization  required:  In  that  case,  from  whom,  and  who  is  su- 
pervising? In  Denmark,  it's  the  Bank  Supervisory  Board  who's  sup- 
posed to  look  after  us. 

Is  there  a  request  for  reserve  funding?  Yes.  We  have  to  place  all 
money  in  banks  or  government  bonds.  Those  are  the  only  two  op- 
tions we  have. 

Are  there  audit  requirements?  Yes.  That  is  required  by  the 
central  bank.  Otherwise  they  won't  allow  the  system  to  operate. 

Are  there  written  rules  for  cardholders?  Yes,  what  is  printed  on 
the  back  of  the  wrapping.  There  are  rules  for  complaints.  Yes, 
that's  agreed  with  the  consumer  ombudsman.  And  there  are  other 
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consumer  protection  issues  which  we  have  agreed  with  the 
Consumer  Association. 

I  also  have  to  admit  that  there  can  be  environmental  issues. 
Many  of  these  cards  are  made  by  PVC.  You  can  get  them  made  by 
ABS;  you  can  get  them  made  by  PET  and  there's  a  lot  of  other  ab- 
breviations, but  we  have  also  been  trying  to  make  these  cards  out 
of  wood,  plain  wood.  And  it's  working.  We  don't  know  how  well  and 
we  know  that  there  are  other  environmental  issues  in  this  because 
you  don't  cut  wood  that  thin  without  other  problems  getting  into 
the  production  process.  But  at  least  we're  trying  to  put  these  cards 
into  the  market  and  see  how  they  work.  I  expect  that  within  6 
months  we  will  know  more  about  it. 

So,  on  the  privacy  issue  you  can  buy  this  card  by  putting  cash 
on  the  table  and  we  don't  know  who  you  are.  We  don't  know  where 
the  cash  is  coming  from.  We  can't  follow  you.  What  we  can  follow 
is  the  transaction  back  to  the  number  of  this  chip,  but  we  have  no 
idea  who  the  owner  of  the  chip  is. 

We  are  serving  all  segments  of  society  and  that  means  also  the 
unbanked  can  buy  these  cards  anywhere  they  like. 

The  system  had  to  be  open,  since  we  are  a  monopoly,  to  all  serv- 
ice providers  on  fair,  even  and  public  terms.  We  have  agreed  with 
the  central  bank,  with  the  Department  of  Commerce,  Supervisory 
Board  for  Banks,  that  the  system  has  to  be  auditable,  it  has  to  be 
accountable  and  it  has  to  be  traceable.  That  was  the  foundation  of 
getting  permission  to  operate. 

And  there  has  been  a  lot  of  theoretical  discussion  about  will  a 
system  like  this  have  any  effect  on  the  money  supply?  I'm  not  a 
professional  in  that  business  but  according  to  the  central  bank,  it 
would  have  no  or  at  least  only  a  very  limited  short-term  effect  on 
the  M3.  I'm  sure  that  if  you  want  to  know  more,  you  can  contact 
the  Danish  central  bank,  who  know  far  more  about  it  than  I  do. 

Last,  please  remember  the  DANMONT  is  just  an  infrastructure 
company.  We're  not  buying;  we're  not  selling  anything.  We're  pro- 
viding the  society  with  an  infrastructure,  a  new  infrastructure  very 
different  from  the  one  used  in  debit  and  credit  cards. 

We  are  onlv  the  system  operator  and  we  are  very  often  asked, 
what  about  the  profitability  of  being  a  system  operator?  Yes,  the 
business  case  seems  to  take  5  to  7  years  to  be  profitable,  depending 
on  how  good  you  are.  And  then  remember  that  most  of  the  trans- 
actions, up  to  99  percent,  are  just  close  to  your  house.  Thank  you. 

Chairman  Castle.  Thank  you  very  much,  Mr.  Jensen.  We  appre- 
ciate that. 

Mr.  Calvert. 

STATEMENT  OF  DENIS  CALVERT,  VICE  PRESIDENT  AND  GEN- 
ERAL MANAGER,  U.S.  FINANCIAL  RETAIL  DIVISION, 
VERIFONE 

Mr.  Calvert.  Mr.  Chairman,  distinguished  subcommittee  mem- 
bers and  members  of  the  subcommittee  staff,  it  is  my  distinct  privi- 
lege to  be  here  today  to  offer  VeriFone's  perspective  regarding  the 
evolution  of  payment  systems. 

VeriFone  is  a  global  firm  with  headquarters  in  Redwood  City, 
California.  In  1995  our  revenues  approached  $400  million.  We  do 
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business  in  over  100  countries  and  employ  approximately  3,000 
people. 

VeriFone  is  the  world  leader  in  transaction  automation.  Many  of 
vou  know  us,  although  probably  not  by  name  but  by  the  small  grey 
boxes  through  which  retailers  slip  your  credit  card.  We  have  in  ex- 
cess of  5  million  of  those  little  grey  boxes  installed. 

VeriFone's  systems  and  related  software  components  are  used  in 
international  Smart  card  schemes  such  as  VISA  Cash,  MasterCard 
Cash  and  MONDEX.  In  the  Asia-Pacific  region,  VeriFone  is  ac- 
tively promoting  its  stored  value  technology  in  Hong  King,  People's 
Republic  of  China,  Indonesia,  Japan,  Thailand  and  India.  In  addi- 
tion, the  company's  distributors  have  developed  and  installed  end- 
to-end  stored  value  solutions  for  Italy,  Russia  and  elsewhere. 

As  Vice  President  and  Greneral  Manager  for  VeriFone's  United 
States  financial  retail  division,  I  have  overall  responsibility  for 
sales,  marketing,  finance  and  development.  As  the  fourth  speaker, 
you  possibly  notice  a  slight  accent.  I  hail  from  the  Deep  South  but 
now  reside  in  the  North,  in  Atlanta. 

[Laughter.] 

Clearly,  the  landscape  is  quickly  changing  with  regard  to  pay- 
ment infrastructure  in  the  United  States.  It  is  VeriFone's  intent  to 
play  a  significant  role  in  the  virtual  market  space  for  payments, 
just  as  we  already  do  in  the  physical  market  space,  that  is,  the  re- 
tail countertop. 

Today  VeriFone  is  participating  around  the  world  in  a  number 
of  pilots  that  involve  the  development  of  regional  payment  systems 
using  a  variety  of  technologies.  We  believe  VeriFone  may  be  able 
to  provide  you  with  interesting  insights  into  the  evolution  of  chip 
cards  and  Internet  payment  systems. 

In  my  testimony  I  want  to  describe  one  of  perhaps  many  possible 
pa5mient  scenarios  that  may  provide  a  glimpse  of  the  future  of 
money  fi'om  VeriFone's  perspective.  This  scenario  is  intended  to 
provide  you  with  an  academic  view  that  should  place  a  number  of 
payment  svstems  and  technologies  into  better  focus. 

As  you  know,  the  Internet  has  been  on  an  exponential  growth 
curve  for  the  last  several  years,  in  spite  of  significant  infrastruc- 
ture deficiencies.  Nevertheless,  it  is  expected  that  many  of  the  in- 
frastructure problems  will  be  reduced  sufficiently  to  enable  bilHons 
of  dollars  to  be  transferred  annually  over  the  Internet  in  just  a  few 
years. 

VeriFone,  as  one  of  many  companies  developing  pieces  for  a  new 
generation  of  the  chip  card  and  Internet  payment  systems,,  sees  no 
technical  obstacles  to  prevent  these  expectations  from  being 
realized. 

First  I  will  describe  a  few  of  the  important  payment  systems 
components  under  development  at  VeriFone  that  will  help  define 
the  future  of  money.  With  that  as  a  background,  I  will  speculate 
about  one  of  the  many  possible  evolutionary  paths  these  new  pay- 
ment systems  could  take  us.  I  will  speculate  about  a  number  of  sig- 
nificant benefits  that  may  be  realized  and  conclude  with  sugges- 
tions of  actions  that  this  subcommittee  might  be  able  to  take  to 
help  realize  the  enormous  potential  of  an  information -based  world 
technology. 
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Next,  one  of  the  cornerstones  that  will  shape  the  future  of  money 
is  the  strength  of  a  private  sector  national  and  international  public 
key  certification  infrastructure.  The  foundation  for  electronic  com- 
merce in  the  broadest  sense  depends  on  this  critical  infrastructure, 
including  many  Internet  payment  schemes.  If  these  certification 
systems  are  susceptible  to  compromise,  if  they  are  not  supported  in 
law,  if  they  do  not  provide  a  solution  to  the  business  liability  issues 
related  to  the  certificate  authority,  then  business  transactions  and 
the  transfer  of  money  over  public  networks  may  never  reach  their 
full  potential. 

Another  facet  of  this  issue  is  the  vulnerability  of  public  networks 
to  calculated  disruption  by  terrorists  or  other  resourceful  entities. 
My  recommendation  to  tnis  subcommittee  is  that  you  spend  the 
time  necessary  to  understand  and  judge  for  yourself  the  serious- 
ness of  this  threat  to  our  emerging  monetary  schemes  and  auto- 
mated payment  systems. 

Perhaps  this  subcommittee  could  explore  and  reinforce  national 
and  international  efforts  designed  to  maintain  the  integrity  of  pub- 
lic networks,  thus  ensuring  a  stable  international  value  transfer 
system  over  the  long  term. 

Today  there  are  at  least  two  fundamental  trends  that  may  have 
tremendous  influence  on  the  future  of  electronic  money  and  pay- 
ment systems.  First,  public  key  cryptology,  with  its  dependence  on 
public  key  certificates,  seems  well  positioned  to  provide  a  solid 
foundation  for  electronic  payment  systems  over  the  Internet. 

The  agreement  between  MasterCard  and  VISA  on  the  SET  proto- 
col and  the  ANSI  X.509  public  key  certificates  was  a  milestone 
event  in  the  development  of  transaction-level  security  for  the 
Internet.  The  use  of  public  key  certificates  by  consumers  to  secure 
their  credit  card  transactions  is  the  beginning  of  new  payment  sys- 
tems in  electronic  money.  We  expect  to  see  an  increasing  use  of 
public  certificates  for  electronic  payment  transactions  over  the 
Internet.  We  expect  that  public  key  cr5T)tology  will  rapidly  become 
a  foundation  for  secure  electronic  commerce  transactions  in  the 
broadest  sense,  not  just  for  payments. 

Second,  we  expect  the  exponential  growth  of  the  Internet  to  con- 
tinue internationally  and  the  value  transfers  to  reach  into  the  hun- 
dreds of  billions  of  dollars  in  the  near  future.  This  explosive  growth 
suggests  that  Internet  payment  schemes  and  their  support  infra- 
structure will  define,  to  some  degree,  the  future  of  money  on  an 
international  scale. 

The  value  transfers  that  will  take  place  from  consumers-to-con- 
sumers,  consumers-to-business,  business-to-business,  government- 
to-business,  and  so  forth,  will  be  driven  by  the  inherent  efficiencies 
of  an  information-based  world  economy.  If  this  proves  to  be  the 
case,  then  there  may  be  a  significant  portion  of  purchases  occurring 
with  the  Internet-based  virtual  stores. 

Since  merchants  are  the  key  end  users  of  our  products,  VeriFone 
intends  to  pursue  strategies  that  enable  physical  merchants  to  me- 
thodically upgrade  their  terminals,  those  grey  boxes  I  described 
earlier,  to  accept  new  Internet-based  payment  schemes,  as  well  as 
enable  virtual  merchants  to  accept  payments.  We  expect  physical 
and  virtual  merchants  to  co-exist,  with  significant  increases  in  pay- 
ment transactions  through  virtual  merchants  over  time. 
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At  this  time  I  want  to  propose  a  number  of  questions  related  to 
the  future  of  money. 

Should  this  subcommittee  participate  in  or  monitor  the  definition 
of  a  national  and  international  public  key  certification  infi^astruc- 
ture? 

Should  this  subcommittee  monitor  the  passage  of  digital  signa- 
ture legislation  by  States  and  the  Federal  Grovemment?  Should  this 
subcommittee  oversee  or  foster  the  development  of  Internet-based 
electronic  payment  schemes  for  government  transfer  payments? 

Should  this  subcommittee  or  some  other  Federal  agency  assist 
the  private  sector  in  promoting  consumer  trust  of  emerging 
Internet-based  payment  infrastructure? 

Is  there  anything  this  subcommittee  or  other  committees  can  do 
to  assist  the  banking  industry  in  fostering  public  trust  for  Internet 
pajrment  and  commerce  in  general? 

On  the  other  end  of  the  spectrum,  should  this  subcommittee  have 
a  special  responsibility  to  monitor  the  potential  threats  from  infor- 
mation warfare  on  the  emerging  electronic  money  systems? 

In  conclusion,  I  have  appended  Appendix  A  to  my  testimony.  I 
describe  a  number  of  key  payment  system  components  currently 
under  development  by  VeriFone.  In  Appendix  B  I  speculate  about 
how  those  payment  system  components  might  become  as  common 
in  our  daily  lives  as  cash  registers,  credit  card  terminals  and  auto- 
mated bank  terminals  are  today. 

One  of  the  more  important  of  these  components  is  the  chip  card 
reader/writer  attached  to  a  home  PC.  We  refer  to  this  product  as 
Payport,  or  the  personal  ATM  in  the  home.  If  a  sufficiently  large 
number  of  these  chip  devices  or  appliances  are  distributed  to  con- 
sumers as  a  security  component  for  the  Internet-based  home  bank- 
ing applications,  it  seems  possible  that  they  could  have  a  signifi- 
cant catalytic  effect  on  the  future  of  private  sector  commerce,  both 
on  and  off  the  Internet,  and  on  the  public  sector  transfer  payments 
dispersed  over  the  Internet. 

We  conclude  from  these  ideas  that  the  distribution  of  chip  cards 
and  chip  card  terminals  into  the  consumers'  homes  may  be  very 
important  in  accelerating  the  evolution  toward  secure  monetary 
pajrment  systems  in  our  physical  world. 

If  it  were  feasible  to  distribute  government  welfare  payments 
over  the  Internet  and  onto  chip  cards,  this  factor  would  provide  an 
important  incentive  for  businesses  to  upgrade  to  a  stored  value 
infrastructure. 

Finally,  I  want  to  reiterate  the  importance  of  a  national  and 
international  public  key  certification  infrastructure  to  the  future  of 
money.  I  hope  you  will  continue  to  explore  these  issues  and  the  im- 
portant role  this  legislative  body  could  play  in  this  critical  nature. 
Thank  you. 

[The  prepared  statement  of  Mr.  Denis  Calvert  can  be  found  on 
page  116  in  the  appendix.] 

Chairman  Castle.  Thank  you,  Mr.  Calvert,  and  thank  you  for 
your  questions  for  expanding  the  jurisdiction  of  this  subcommittee. 
You've  given  us  a  lot  of  work  to  do. 

Dr.  Donegan. 
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STATEMENT  OF  JOHN  DONEGAN,  PHJ).,  VICE  PRESmENT  FOR 
OPERATIONS,  FIRST  VIRTUAL  HOLDINGS,  INC. 

Mr.  DONEGAN.  Mr.  Chairman  and  members  of  the  subcommittee, 
I'm  John  Donegan,  Chief  Operations  Officer  of  First  Virtual  Hold- 
ings. I  appreciate  this  opportunity  to  share  our  views  regarding 
new  developments  in  electronic  payments. 

First  Virtual's  Internet  payment  system  came  on  line  in  October 
of  1994.  We  have  our  heaaquarters  in  San  Diego  and  our  scientific 
team  includes  some  of  the  world's  leading  Internet  experts. 

Since  1994,  we  have  settled  nearly  200,000  transactions,  pri- 
marily for  the  sale  of  intellectual  property,  and  today  we  serve 
more  than  145,000  customers  and  1,800  merchants  located  in  more 
than  140  countries. 

We  believe  that  our  approach  to  providing  Internet  payment  se- 
curity is  generally  simpler  for  our  customers  than  competing  alter- 
natives. Nevertheless,  all  electronic  commerce  systems  raise  com- 
plex technical  issues,  and  we've  certainly  heard  a  number  of  those 
here  this  morning. 

First  Virtual  is  imique  in  that  we  do  not  rely  on  encryption  to 
assure  safe  transmission  of  critical  payment  information.  Instead, 
only  nonsensitive  information  travels  over  the  Internet.  Our  buyer 
feedback  system  is  based  upon  ordinary  E-mail,  the  lowest  common 
denominator  of  Internet  connectivity. 

Our  customers  use  a  personal  identification,  a  virtual  PIN,  which 
is  useless  off  the  Net  and  requires  E-mail  confirmation  for  use  on 
the  Net.  Our  security  philosophv  is  to  keep  it  simple.  Our  security 
system  is  process-based,  not  tecnnology-based.  Ana  while  our  secu- 
rity system  is  not  cryptographic,  we  are  not  opposed  to  cryptog- 
raphy. In  fact,  we  employ  it  in  many  ways  on  the  merchant  side 
of  our  system. 

We  consider  the  use  of  the  existing  Internet  infrastructure  and 
the  lack  of  a  need  for  distributed  software  to  be  an  asset.  We  do 
not  claim  that  our  system  is  invulnerable  to  attack  but  we  have 
simplified  our  security  challenge  by  fundamentally  keeping  our  cus- 
tomers' credit  cards  off  of  the  Internet. 

Mr.  Chairman,  we  applaud  the  efforts  of  this  subcommittee  over 
the  last  year  in  taking  testimony  on  this  subject.  We  believe  that 
now  is  the  proper  time  for  Congress  to  be  informing  itself.  You  ap- 
pear to  understand  that  premature  excessive  regulation  could  stifle 
Internet  commerce.  We  agree  with  that. 

We  believe  that  a  survey  of  existing  laws  and  regulations  will  re- 
veal that  most  electronic  commerce  circumstances  will  ultimately 
be  handleable  with  the  current  set  of  regulations. 

One  of  the  key  tasks  of  your  subcommittee,  it  seems,  is  to  under- 
take such  a  survey  of  existing  laws  and  regulations  which  apply  to 
the  new  financial  technology.  And  only  after  evaluating  the  current 
legal  landscape  should  new  lawmaking  address  potential  problems 
which  could  undermine  public  confidence. 

Effective  public  policy  will  reduce  risk,  not  merely  transfer  it. 
Risk  should  be  both  minimized  and  then  spread  across  the  multiple 
set  of  protection  factors  so  that  a  breach  in  any  single  factor  will 
not  result  in  a  catastrophic  failure  of  the  system. 

There  are  two  general  policy  recommendations  that  we  would 
make  now.  First,  all  of  those  involved  in  Internet  commerce  must 
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educate  their  customers  regarding  the  nature  of  the  Internet  and 
the  available  means  for  resolving  commercial  disputes  in 
cyberspace.  First  Virtual  delivers  such  support  around  the  clock 
every  day  of  the  week. 

Second,  banking  regulators  can  utilize  their  general  safety  and 
soundness  authority  to  encourage  financial  institutions  to  inves- 
tigate the  adequacy  of  security  provided  by  current  payment  sys- 
tems and  to  reevaluate  the  security  of  their  own  data  and  storage 
and  transmission  activities. 

The  Federal  Reserve  took  a  positive  step  in  this  direction  in  its 
May  21  order,  recognizing  that  Internet  banking  met  the  test  for 
a  permissible  bank  holding  company  activity  and  that  banking  or- 
ganizations undertaking  such  services  must  analyze  potential  risks 
and  make  appropriate  provisions  for  the  protection  of  critical  data. 

Internet  payment  systems,  such  as  First  Virtual,  are  necessary 
due  to  the  very  nature  of  Internet  commerce.  Customer  and  mer- 
chant authentication  must  be  provided.  The  Internet's  technology 
both  facilitates  commerce  and  erects  a  barrier  to  it.  Inevitable  serv- 
ice problems  make  it  impossible  for  consumers  to  differentiate  be- 
tween a  technical  failure  and  fraud.  One  of  our  key  roles  is  to  me- 
diate and  resolve  such  problems  for  a  customer  population  that  is 
largely  new  to  computers  and  to  the  Internet. 

First  Virtual  is  not  a  banking  institution.  With  the  exception  of 
Regulation  Z,  which  governs  chargebacks,  we  are  not  subject  to 
Federal  Reserve  regulations.  First  Virtual  does  not  believe  that  the 
Internet  payment  system  should  be  subjected  to  bank-like 
regulations. 

But,  as  the  Fed  has  recognized,  financial  institutions  should  not 
attempt  to  conduct  business  through  electronic  systems  with  seri- 
ous security  flaws.  The  mass  exploitation  of  the  Internet  commerce 
system  by  criminal  elements  could  seriously  retard  the  progress  of 
electronic  commerce.  And  maintaining  Internet  site  security  is 
critically  important.  At  the  same  time,  we  believe  that  law  enforce- 
ment agencies  should  be  afforded  the  best  possible  resources  to 
deal  with  computer  criminals. 

There  are  areas  where  regulation  is  not  keeping  up  with  tech- 
nology. The  legal  system  has  yet  to  realize  the  critical,  powerful 
role  of  the  system  administrator  in  the  information  society.  Like 
other  firms,  we  use  great  care  regarding  employee  hiring.  We  use 
standards  and  other  controls  to  prevent  unauthorized  use  of 
account  information. 

In  the  future,  system  administrators  in  financial  systems  may 
need  to  be  held  to  a  higher  standard,  such  as  other  trusted  individ- 
uals within  our  society.  Public  policymakers  need  to  understand 
the  potential  consequences  of  a  security  system  failure  and  ask 
what  is  being  done  to  bound  these  risks. 

In  all  current  legal  regimes,  the  key  question  of  jurisdiction  is 
largely  geography-based.  The  Internet  obliterates  geography  and 
therefore  challenges  existing  practices.  It  would  be  desirable  if 
multi-national  bodies  establish  universal  standards  for  Internet 
commerce  but  these  issues  raise  difficult  questions  of  sovereignty 
in  differing  legal  regimes. 
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Sorting  this  out  will  take  time.  In  the  interim,  we  believe  that 
the  simplest  and  most  secure  approaches  to  Internet  commerce  are 
the  best. 

As  First  Virtual  serves  businesses  and  customers  around  the 
globe  over  the  succeeding  years,  we'll  be  pleased  to  share  useful 
data  and  insights. 

Now,  not  everything  in  electronic  commerce  is  a  challenge  for  fu- 
ture policy.  One  of  the  most  exciting  aspects  of  Internet  commerce 
is  the  hospitable  attitude  it  affords  to  entrepreneurial  micro-busi- 
nesses. Flexible  payment  systems  are  a  key  to  avoiding  haves  and 
have-nots  on  the  Internet. 

Our  payment  system  accommodates  the  smallest  companies.  One 
could  be  a  First  Virtual  merchant  without  meeting  the  more  vigor- 
ous standards  of  established  credit  card  networks.  The  only  cost  for 
this  is  the  payment  is  delayed  in  recognition  of  the  chargeback 
period  established  by  Federal  law. 

First  Virtual  is  committed  to  Internet  commerce.  We  believe  that 
it's  inevitable  and  that  its  potential  far  outweighs  its  threats.  Many 
of  the  risks  described  in  our  testimony  are  faced  by  our  company 
and  others.  None  of  these  risks  are  new  and  many  people  are 
working  on  their  solutions. 

We're  committed  to  building  public  confidence  in  electronic  com- 
merce while  maintaining  the  fundamental  soundness  of  the  finan- 
cial system.  We  don't  have  any  neat  and  simple  solutions  for  you 
but  we're  willing  to  continue  a  dialogue  with  you  and  your  staff 
and  other  Members  in  a  quest  for  modem  laws  for  our  new 
financial  age. 

Thank  you  very  much,  sir. 

[The  prepared  statement  of  Mr.  John  F.  Donegan  can  be  found 
on  page  153  in  the  appendix.] 

Chairman  Castle,  Thank  you.  Dr.  Donegan.  We  appreciate  your 
testimony  and  the  testimony  of  all  of  you. 

We  enter  now  into  a  phase  of  question  and  answer  in  which  the 
members  of  the  subcommittee  ask  questions.  We  also  operate  on  a 
five-minute  basis  and  we'll  enforce  that  relatively  strictly,  simply 
to  be  fair  to  all  the  members,  but  we  might  have  a  second  round 
if  members  still  have  questions  after  they've  finished  their 
questions, 

I  have  a  whole  lot  of  questions.  I  could  ask  specific  questions 
about  some  of  your  testimony  or  general  questions,  and  I'm  going 
to  start  with  some  general  questions.  But  if  all  five  people  answer 
my  first  question,  I'm  dead.  That's  it. 

So  I  would  ask  a  couple  of  things.  One,  because  there  are  five 
of  you,  if  you  could  be  very  concise  in  your  answers.  And  second, 
I'm  going  to  ask  a  couple  of  general  questions  and  maybe  take  one 
or  two  of  you  for  each  of  the  questions.  So  perhaps  if  you  see  the 
others  speaking,  you  can  wait  till  there's  another  question  and  we 
can  try  to  rotate  it  a  little  bit.  But  these  are  some  things  I  think 
we  need  to  find  out. 

Let  me  start  with  this.  The  exchange  of  value  over  the  Internet 
by  millions  of  unidentified  individuals  and  businesses  could  ulti- 
mately affect  the  government's  ability  to  conduct  monetary  policy. 
Do  you  see  this  as  a  problem  and  what  do  you  suggest  as  solutions? 
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I  think,  Mr.  Jensen,  you  may  have  indicated  you  didn't  see  it  as 
a  problem  earher,  or  at  least  I  interpreted  something  you  said  to 
that  effect,  but  I  ask  that  question.  Is  anyone  willing  to  undertake 
that  answer?  Mr.  Lassus. 

Mr.  Lassus.  As  I  said  briefly,  we  see  very  good  technical  solu- 
tions to  really  secure  the  Internet  and  make  sure  that  the  trans- 
actions within  a  country  and  from  country-to-country  will  be  highly 
secure.  And,  as  I  mentioned,  Hewlett  Packard  and  Informix,  too,  an 
American  corporation,  and  ourselves  go  into  that  direction. 

So  basically  we  are  going  to  respect  the  regulation  for  every 
country,  distributing  several  cards,  which  comply  with  local  regula- 
tion, be  able  to  cross  the  border  with  some — I  have  to  use  technical 
words — with  algorithms  which  allow  them  to  go  through  the  border 
and  then,  on  the  other  side  of  the  border,  the  other  country,  we'll 
be  applying  the  local  regulations,  again  by  using  Smart  cards. 

Chairman  Castle.  Thank  you.  And  Mr.  Calvert? 

Mr.  Calvert.  I  believe  with  the  use  of  public  key  cryptology, 
where  a  public  certificate  is  issued  for  payments  over  the  Internet, 
where  the  key,  the  public  key  is  out  and  your  personal  key  is  out, 
so  you  can  identify  where  the  money  is  transferred  to  and  where 
it  goes  to,  provides  that  protection. 

And  also,  the  protection  that's  provided  by  the  work  that's  being 
done  by  VISA,  MasterCard  and  others  on  the  subcommittee  for  the 
SET  Protocol,  which  is  secure  electronic  transactions,  also  helps 
secure  that  payment. 

Chairman  Castle.  Would  you  agree,  just  as  a  quick  follow-up, 
that  it  is  a  legitimate  question,  though,  that  we  and  other  countries 
need  to  be  raising  in  terms  of  the  impact  of  all  of  this  and  the 
aggregate  form  on  monetary  policy? 

Mr.  Calvert.  It's  certainly  a  valid  question  and  one  that  we  need 
to  ensure  that  we  have  sufficient  security  on,  so  we  know  what  the 
point  of  departure  is  and  what  the  point  of  entry  and  destination 
is. 

Chairman  Castle.  Let  me  change  subjects  altogether.  Is  an 
amount  that  is  apparently  abandoned  on  a  MONDEX  Smart  card 
or  a  Smart  card  subject  to  escheat,  either  in  the  United  States  or 
the  United  Kingdom  or  any  other  country  that  has  a  different  sys- 
tem? If  not,  why  not,  and  is  this  something  that  was  considered  in 
the  development  of  your  system? 

Mr.  Jones.  If  I  may,  the  issue  of  escheat  is  basically,  in 
MONDEX,  a  territory-by-territory  issue.  In  MONDEX,  for  each 
participating  currency,  there's  a  body  created,  what  we  call  the 
MONDEX  originator,  so  there'd  be  a  U.S.  dollar  originator,  a  Ster- 
ling originator,  and  so  forth.  And  that  body  would  enter  into  dis- 
cussions with  supervisors  and  regulators  in  that  territory  to  deal 
with  issues  like  escheat. 

And  what  we've  tried  to  do  with  MONDEX,  therefore,  is  to  essen- 
tially decentralize  to  a  country  and  a  currency  level  that  kind  of 
debate  so  that  if  necessary  or  if  desired,  different  currency  man- 
agers in  conjunction  with  their  regulators  can  take  different  solu- 
tions. It's  not  something  that  has  to  be  agreed  on  a  global  basis. 
It  clearly  does  need  to  be  agreed  on  a  currency-by-currency  basis. 
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Chairman  Castle.  So  it's  currency-by-currency,  country-by-coun- 
try, in  accordance  with  their  laws  on  escheat,  and  you're  trying  to 
comply  with  that.  Is  that  the  general  gist  of  it? 

Mr.  Jones.  The  gist  of  it  is  that  solution  can  be  created  for  each 
currency  through  conversations  with  the  appropriate  government. 

Chairman  Castle.  Thank  you. 

There  are  many  companies  developing  Smart  card  and  stored 
value  technology.  Although  the  basic  premises  are  similar,  hard- 
ware and  software  vary.  Is  the  industry  moving  toward  a  single 
standard  or  do  you  think  that  there  will  be  common  links  for  a  va- 
riety of  products,  as  now  exists  with  ATM  networks? 

Ajid  I  would  point  out  to  you  I  think  that  ATM  networks  became 
much  more  valuable  when  they  developed  all  their  common  links 
than  they  ever  were  theretofore.  I'll  start  with  Mr.  Jones. 

Mr.  Jones.  I  think  there  are  some  key  things  to  balance  here. 
This  digital  money  market  is  a  classic  emerging  market  and  there 
are  different  architectures  and  different  products  proposed  and  I 
think  it's  good  that  that  be  the  case  at  this  stage. 

However,  there  are  some  absolutely  critical  interoperability  re- 
quirements that  must  be  met.  One  obvious  one  is  that  a  merchant 
should  be  able  to  purchase  a  single  point-of-sale  terminal  which  is 
capable  of  accepting  all  of  the  different  chip  card  products  that  that 
merchant  wishes.  And  I'm  sure  Mr.  Calvert  can  say  more,  but 
VeriFone  recently  showed  a  terminal  at  a  U.S.  card  conference, 
CardTech-SecurTech,  in  May,  which  was  capable  of  taking  our 
product,  MONDEX,  and  an  American  Express  chip  card  product 
and  a  MasterCard  International  chip  card  product  into  the  same 
slot  on  the  terminal. 

And  we  have  regular  conversations  from  the  MONDEX  point  of 
view  with  the  folks  at  the  EMV  standard-setting,  EuroPay, 
MasterCard  VISA  standard-setting  group,  to  ensure  that  the  level 
of  compatibility  that's  required  is  there. 

Chairman  Castle.  Mr.  Calvert,  we  have  10  minutes  to  finish  our 
vote.  You  may  have  heard  the  buzzers  going  off.  We're  going  to  let 
you  answer  this  and  then  my  portion  of  me  questioning  for  the 
first  round  will  be  over  and  we'll  come  back  as  soon  as  this  vote 
is  over.  Hopefully,  there  won't  be  a  follow-up  vote  to  it.  We'll  start 
with  whomever  is  here.  That's  about  a  15-minute  break  as  far  as 
you're  concerned.  We  apologize.  There's  nothing  we  can  do  about  it. 
The  floor  takes  precedence. 

Mr.  Calvert. 

Mr.  Calvert.  To  Tim's  point,  we  are  in  emerging  technology  but 
we  are  doing  exactly  the  same  thing.  It's  historical.  If  we  look  at 
what  has  happened  with  the  development  of  automatic  teller  ma- 
chines, with  the  development  of  credit  card  pajrment  systems,  they 
all  started  out  as  local  schemes  and  then  they  developed  from  local 
to  regional  and  national.  And  part  of  the  development  was  a  regu- 
lation that  said  here  is  a  standard,  it's  an  open  system. 

I  believe,  with  the  work  that's  being  done,  with  EMV  specifica- 
tions, the  work  that  I  mentioned  before  on  the  SET  protocol,  will 
allow  this  to  be  an  open  system  that  all  companies  will  play  in 
eventually,  but  it  will  roll  out  as  a  local  before  it  becomes  regional 
and  then  national  and  international. 

Chairman  Castle.  OK.  Thank  you,  Mr.  Calvert. 
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We  will  stand  in  temporary  recess  for  about  15  minutes  and  we'll 
resume  at  that  point.  Thank  you. 

[Recess.] 

Chairman  Castle.  The  subcommittee  will  resume  order. 

We  don't  have  any  of  the  other  Members  yet  and  that  gives  me 
a  chance  to  ask  the  questions,  so  I  hurried  back  to  get  ahead  of 
them.  I  wanted  to  ask  another  question.  In  fact,  no  one  is  even 
manning  the  clock  right  now  so  I  can  get  away  with  murder  for  a 
little  bit. 

Let  me  ask  one  general  question  that  I  did  want  to  get  answered. 
Should  the  amount  on  Smart  cards  be  protected  against  loss?  How 
could  loss  protection  be  incorporated  with  consumer  privacy? 

That's  an  issue  that  we  hear  more  and  more  about.  I  tnink  one 
of  you  said  the  card  ought  to  be  treated  as  cash  and  if  somebody 
else  found  it — that's  fine  if  it's  a  $20  card  but  when  you  start  to 
get  into  higher  values,  that  could  become  an  issue. 

Or  is  this  a  matter  that  should  be  determined  card  by  card,  as 
opposed  to  some  sort  of  general  regulatory  or  statutory  policy  of  the 
various  countries  involved?  Does  anybody  want  to  take  a  stab  at 
that  one?  Mr.  Jensen. 

Mr.  Jensen.  It's  Denmark  it's  considered  up  to  the  consumer 
how  much  money  he  wants  to  lose.  He  can  buy  cards  for  $20  up 
to  $200  and  he  can  reload  with  the  same  step.  So  he  himself 
decides  how  much  he  wants  to  lose. 

Chairman  Castle.  Similar  to  cash,  in  other  words. 

Mr.  Jensen.  Yes.  And  you've  never  been  able  to  block  your  notes 
or  your  coins  in  the  central  bank,  so  you  won't  be  able  to  do  it  here, 
eitner. 

If  you  did  it,  you  would  lose  on  the  privacy  front,  and  people 
don't  want  that. 

Chairman  Castle.  And  those  cards,  if  they're  lost,  can  be  used 
by  anybody.  I  think  you  said  earlier  there's  no  personal  identifica- 
tion follow-up  to  it. 

Mr.  Jensen.  That's  correct.  Anyone  who  picks  it  up  on  the  street 
can  use  it. 

Chairman  Castle.  Mr.  Jones. 

Mr.  Jones.  I  think  this  is  a  very  important  topic  and  again,  each 
individual  initiative  needs  to  be  looked  at  in  terms  of  what  it's 
doing. 

Our  basic  approach  has  some  similarities  with  DANMONT  in 
that  essentially  the  consumer  is  responsible  for  the  value  held  on 
the  MONDEX  card  at  any  one  time.  Ours  do  lock  with  a  four-to 
eight-digit  code  and  a  locked  card,  if  lost,  could  not  be  used  by  any- 
body else  and  if  you  enter  the  wrong  code  a  certain  number  of 
times  the  card  basically  plays  dead.  It  thinks  it's  being  attacked 
and  then  can  only  be  unlocked  by  the  bank  that  issued  that 
MONDEX  card. 

The  cards  can  also  be  personalized  to  you  and  registered  to  you 
at  the  bank  and  all  the  cards  are  unique,  so  that  if  the  locked  card 
that  you  lost  was  handed  in,  it  could  be  brought  back  to  you  and 
you'd  get  the  money  back. 

But  there  is  here  a  balance  between  privacy  and  those  kinds  of 
features,  and  so  also  in  MONDEX  you  could  be  using  an  unlinked 
card  that  had  no  link  to  you,  which  gives  you  much  greater  privacy. 
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but  the  other  split  side  of  that  is  that  the  same  abiHty  to  have  that 
thing  come  back  through  the  system  and  come  back  to  you  wouldn't 
be  there. 

So  what  we're  trying  to  do,  within  the  architecture,  is  to  provide 
choices  for  different  consumer  groups  to  take  different  variation. 

Chairman  Castle.  Thank  you. 

Let  me  try  one  more  question,  if  I  may.  Computer  hackers,  and 
I  suppose  to  those  of  us  who  are  not  as  computer  knowledgeable 
as  we  should  be,  this  may  appear  to  be  a  bigger  problem  than  you 
perceive  it  as  being,  but  computer  hackers  pose  a  serious  security 
problem,  not  only  to  existing  systems  but  in  developing  electronic 
payment  systems.  The  worst  case  scenario  would  involve  access  to 
the  electronic  mint  and  the  creation  of  counterfeit  cash. 

What  measures  have  been  taken  to  ensure  the  security  of  these 
systems?  I  realize  that  some  of  you  deal  in  smaller  denominations 
and  more  limited  circumstances,  but  I  think  we're  thinking  in 
terms  of  the  computers  and  somebody  getting  the  keys  to  the  bank, 
literally,  on  a  computer  system  and  really  going  to  town.  We're 
worried  about  the  security  aspects  of  that. 

Does  anyone  wish  to  try  to  deal  with  that  question?  Mr.  Jones. 

Mr.  Jones.  Security  is  a  fundamental  issue  to  be  managed  in  all 
payment  system  designs  such  as  this.  Our  approach  to  it  is  to  at- 
tack the  security  problem  on  a  number  of  dimensions. 

First,  the  tamper-resistance  of  the  silicon  chip  used  in  the 
MONDEX  card  has  been  the  subject  of  a  multi-million  pound  re- 
verse engineering  study  by  us,  which  has  led  to  us  briefing,  in  the 
first  instance,  Hitachi  semiconductor  in  Tokyo  on  the  ways  in 
which  we  had  attacked  silicon,  so  that  they  could  build  safeguards 
against  those  attacks  into  a  brand  new  silicon  piece  that  they  have 
built  for  us. 

So  the  creation  of  bespoke,  silicon,  designed  to  be  tamper-resist- 
ant, is  important.  We,  too,  use  advanced  cryptography  in  the  mes- 
sage flows  that  pass  between  two  MONDEX  cards  to  make  the  job 
of  trying  to  break  in  at  that  stage  extraordinarily  difficult. 

And  we  also  use  many,  many  tried  and  tested  procedures  for 
multiple  control  to  the  facilities  at  which  MONDEX  value  is  cre- 
ated. 

I  think  the  fundamental  point,  though,  is  that  for  a  payment 
scheme  design  of  this  class  to  be  successful,  it  must  be  capable  of 
being  upgraded  and  every  component  of  the  MONDEX  security  ar- 
chitecture can  be  upgraded  over  time  because  the  technology  here, 
whether  it's  hardware  technology  or  software,  is  moving  so  quickly 
that  any  static  security  architecture  would  quickly  get  into 
difficulty. 

Chairman  Castle.  Thank  you. 

Mr.  Jensen. 

Mr.  Jensen.  I  fully  agree  with  Tim  Jones'  statement  that  you 
have  to  put  as  much  effort  into  it  as  possible.  You  have  to  be  able 
to  upgrade  because  you're  fighting  a  gn'oup  of  people  who  will  con- 
stantly be  better  than  they  are  today,  so  we  have  to  be  better  and 
we  have  to  be  in  front  of  them. 

But  whatever  we  do  and  however  much  money  we  ever  spend  on 
it,  there  will  be  opportunities  either  to  break  in  or  to  academically 
make  money  somewhere  else  in  the  system.  That's  why  the  au- 
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thorities,  whatever  it's  the  central  bank  or  the  Bank  Supervisory 
Board  is  saying,  the  entire  system  should  be  auditable,  account- 
able, and  traceable,  so  we  know  exactly  what  is  going  on. 
Otherwise,  we  can't  prove  how  much  has  happened  to  the  system, 
if  anything. 

Chairman  Castle.  Well,  thank  you. 

Dr.  Donegan?  Then  we'll  wrap  it  up  and  turn  to  Mr.  Flake. 

Mr.  Donegan.  I'd  just  like  to  reinforce  what  the  other  gentlemen 
said,  that  the  system  will  never  be  totally  secure.  The  Internet 
wasn't  secure  when  it  first  started.  It  is  becoming  more  secure  be- 
cause people  have  more  at  risk  and  so  they're  putting  more  money 
into  making  it  secure. 

But,  as  tne  Fed  recognized  here  recently  in  its  banking  regula- 
tions, it  will  never  be  totally  secure.  All  you  can  do  is  provide  an 
acceptable  risk. 

There's  going  to  be  a  tremendous  amount  of  money  spent  by 
business  establishments  to  keep  themselves  individually  secure. 
They  need  to  find  a  way  to  be  encouraged  to  do  that.  Then  we  have 
to  be  able  to  prosecute  the  criminal  element  when  we  have  the 
opportunity. 

Chairman  Castle.  Thank  you.  I  thank  all  of  you. 

Mr.  Flake. 

Mr.  Flake.  Thank  you,  Mr.  Chairman. 

One  of  the  concerns  that  I  think  we  have,  and  I  think  this  is  di- 
rected at  Mr.  Jensen,  and  if  it's  not,  whoever  the  appropriate  per- 
son is,  if  you  can  answer  it,  and  that  is  the  mint,  which  produces 
coins  here,  makes  a  significant  amount  of  profit  for  the  Treasury 
off  the  production  of  those  coins.  Have  you  had  any  discussions 
with  the  mint  so  that  you  might  be  able  to  gauge  their  reactions 
in  terms  of  this  move  away  from  coins  and  toward  cards?  And  what 
do  you  think  the  ultimate  impact  will  be  as  it  relates  to  the  econ- 
omy of  this  nation  if  it  has  no  reason  really  to  generate  coins, 
which  generate  a  profit? 

Mr.  Jensen.  First  of  all,  I  would  be  unable  to  say  what  impact 
it  will  have  in  this  nation  but  I  can  give  you  a  little  insight  to  the 
discussion  we  have  had  with  the  central  bank  in  Denmark. 

First  of  all,  it's  correct  that  the  central  bank  is  getting  interest 
on  the  coins,  those  they  have  in  circulation.  That  interest  is  given 
to  us  to  run  the  system  and  the  central  bank  wanted  to  let  us  have 
that  interest  to  get  the  infrastructure  working.  Otherwise,  the 
central  bank  will  have  to  get  the  infrastructure  done  in  another 
way. 

Second,  by  replacing  a  very  small  fraction  of  the  coins,  it  has 
very,  very  little  impact  on  the  central  bank  because  the  coin  cir- 
culation compared  to  the  note  circulation  is,  anyway,  very  small.  So 
if  you  take  1  percent  of  the  coins  away,  and  the  coins  are  maybe 
10  percent  of  the  total  circulation,  you're  basically  taking  nothing 
away. 

So  the  governors  of  the  central  bank  stated  that  thev  are  pre- 
pared to  pay  that  price  to  getting  an  effective  and  moaem  infra- 
structure within  the  pavment  system  in  Denmark. 

Mr.  Flake.  But  wouldn't  you  agree  there's  a  difference  between 
the  use  of  coins  and  the  use  of  paper,  as  opposed  to  what  happens 
with  cards?  I  mean,  the  first  phase  of  the  evolution  toward  card 
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usage  obviously  is  the  credit  cards — ^VISA,  MasterCard,  and  so 
forth — which  have  just  exploded  over  the  last,  I  guess,  25,  30  years. 
Now  we  move  to  another  phase  where  people  have  already 
gained  some  comfort  in  carrying  a  card.  Now,  does  that  mean  that 
people  with  that  comfort  level  will  start  using  them  to  such  a  de- 

free  that  you  could,  in  fact,  come  to  a  point  where  coin  usage  will 
e  almost  minimal? 

Mr.  Jensen.  Yes,  we  could  get  to  that.  But  since  the  Danish 
central  bank  is  considering  that  we  will,  maximum,  replace  1  per- 
cent of  the  coin  circulation  a  year,  they  have  also  said  it  will  take 
100  years  before  we  get  there. 

Mr.  Flake.  This  subcommittee  also  has  responsibility  for  coins 
and  there's  been  a  lot  of  discussion  about  changing  our  whole  mon- 
etary system  and,  quite  frankly,  going  to  dollar  coins.  The  move- 
ment we're  talking  about,  it  seems  to  me,  is  a  move  in  the  opposite 
direction  from  where  the  international  market  is  moving.  The 
international  market  seems  to  be  moving  away  from  it  and  we  have 
a  great  deal  of  discussion  here  of  moving  toward  dollar  coins,  when 
you're  talking  about  not  only  paper  but  really  going  heavily  into 
the  usage  of  cards. 

Mr.  Jensen.  We  have  seen  the  same  trend,  that  notes  have  been 
replaced  by  coins  over  the  last  10  years  in  the  Scandinavian  coun- 
tries. Whether  this  will  have  any  impact  whatever  on  coins  and 
notes,  I  don't  know.  It  could  have  some  impact  over  time,  but  ap- 
parently the  central  bank  doesn't  consider  it  to  be  an  important 
issue  if  the  alternative  is  not  to  have  an  effective  infrastructure. 

Mr.  Flake.  The  other  question  I  have,  and  anyone  can  answer 
this  one.  As  some  of  you  may  know,  the  New  York  transportation 
system  has  been  working  for  a  few  years  now  trying  to  implement 
what  it  calls  its  Smart  card.  They've  had  all  kinds  of  problems  in 
terms  of  technology,  making  the  technology  work,  the  adjustments 
necessary  to  get  the  consumer  aware  of  how  best  to  make  use  of 
the  card. 

I'd  just  like  to  know,  in  general,  what  have  been  the  difficulties 
in  the  various  countries  that  you  function  in  as  it  relates  to  trying 
to  get  the  average  consumer  adapted  to  this  technology? 

Another  example  is  in  my  community;  they  were  removing  the 
bank  tellers,  really  down-sizing  a  bank  and  putting  in  ATMs.  The 
community  backlash  was  overwhelming  because  the  argument  was 
that  these  persons  who  use  this  particular  bank  would  not  be 
amenable  to  using  ATMs. 

So  as  we  move  this  process  it  seems  to  me  that  the  average 
consumer  has  not  gotten  on  board.  How  much  difficulty  will  there 
be  to  get  everybody  on  board  to  understand  that  this  is  the  wave 
of  the  future,  that  this  is  the  way  we're  going  to  have  to  move?  Mr. 
Jones. 

Mr.  Jones.  We've  done  extensive  market  research  on  MONDEX 
with  consumers  in  the  United  States  and  Canada,  Hong  Kong, 
Japan,  United  Kingdom,  France,  Germany,  and  the  results  are 
very  consistent.  I  think  the  single  biggest  message  is  that  the  prod- 
uct researches  extremely  well,  and  that's  right  across  society — 
young,  old,  and  a  range  of  social  classes— 45ut  tne  quantity  of  infor- 
mation you  need  to  communicate  to  get  the  concept  across  is 
nontrivial. 
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When  you  translate  that  into  bringing  the  product  to  market,  you 
get  to  a  stage  now  in  most  of  the  trials  around  the  world  where 
a  core  user  group  of  enthusiasts,  in  a  sense,  teaches  themselves 
about  the  product  but  then  there  is  a  considerable  educational  task 
to  undertake  to  get  the  rest  of  the  folks  in  society  to  give  it  the  at- 
tention to  understand  what  it  is. 

I  mean,  the  good  news  is  that  strategically,  once  they  get  there, 
thev  tend  to  like  it  and  the  product  becomes  ubiquitous  in  society, 
and  I  think  that  the  biggest  marketing  challenge  facing  all  of  us, 
is  to— obviously,  from  our  point  of  view,  we  want  to  accelerate  the 
implementation  of  the  products  and  make  it  successful. 

But  there  is  a  considerable  amount  of  education  to  achieve.  Prob- 
ablv  the  best  way  is  to  use  existing  users  and  merchants  to  do  that, 
ratner  than  just  sending  direct  messages  out  from  the  banks.  But 
that  points  to  a  cycle  to  maturity  of  a  number  of  years  and  the 
thing  not  being  an  overnight  1-  or  2-year  phenomenon.  In  my  view 
it's  more  like  a  5-  or  10-year  maturity  cycle,  at  least. 

Mr.  Flake.  Yes,  Mr.  Jensen  and  then  Mr.  Calvert. 

Mr.  Jensen.  I  totally  agree  that  it's  a  major  effort  to  educate  peo- 
ple. However,  by  making  the  operation  where  you  pay  very  simple 
because  you  insert  the  card,  you  see  the  balance,  you  get  the  price 
and  you  are  accepted,  and  you  have  nothing  else  to  do  than  take 
your  card  with  you  home;  even  in  that  case,  it  takes  a  long  time. 

We  have  been  using  a  lot  of  instructors  who  have  been  with  the 
new  services  and  teaching  people  how  to  use  a  card.  It  constantly 
shows  up  that  you  need  to  try  three  times  before  you're  confident. 

And  I  totally  agree  that  it  will  take — in  Denmark  we  expect  5  to 
7  years  to  get  half  the  population  up  to  speed.  How  long  it  takes 
to  get  the  other  half,  I  don't  know.  That  was  the  same  with  debit. 
It  was  the  same  with  automatic  transfer  from  account-to-account. 

So  it  seems  like  the  time  it  takes  in  the  payment  system  is  basi- 
cally consistent.  It  takes  a  very  long  time.  And  if  you  don't  build 
your  plans  around  it  and  if  you  expect  to  make  anything  happen 
in  3  years'  time,  you  might  be  wrong. 

So  education  is  important  and  we  do  not  see  any  difference  from 
the  unbanked  to  the  banked,  from  the  young  to  the  elderly.  That's 
not  an  issue  with  our  system.  It's  so  simple,  but  you  have  to  have 
something  to  use  it  for  constantly.  Otherwise,  even  with  a  simple 
system,  you  forget  it. 

Mr.  Flake.  Right.  Mr.  Calvert. 

Mr.  Calvert.  I'm  concurring  with  what  I've  heard  but  just  to  put 
some  specific  examples  around  it,  in  the  United  States  debit  accept- 
ance and  utilization  has  been  very  slow  as  a  comparative  to  the 
rest  of  the  world.  Part  of  that  was  to  do  with  infrastructure  and 
part  of  it  is  to  do  with  people  who  are  writing  checks.  Checks  were 
nowhere  as  predominant  in  the  rest  of  the  world,  so  debit  card  in- 
troduction has  been  very  slow,  by  comparison. 

This  technology  will  not  bring  about  instant  change  but  people 
will  use  it.  When  you  look  internationally,  and  I'll  use  the  example 
of  Hong  Kong  and,  in  particular,  the  mass  transit  system  in  Hong 
Kong,  where  people  were  already  used  to  using  a  card  that  was  a 
decrementing  card,  when  they  moved  that  to  a  proximity  Smart 
card,  not  a  contact  Smart  card,  people  moved  to  that  straight  away 
because  that  was  the  best  way  for  them  to  use  it. 
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I  think  what  you'll  see  in  the  United  States  is  a  slower  move- 
ment toward  it.  As  an  example,  12  percent  of  adult  Americans 
don't  have  bank  accounts,  so  to  get  them  to  move  to  the  next  level 
is  not  going  to  happen. 

So  you  have  to  look  at  this  and  say  let's  not  say  he's  technology; 
let's  look  for  a  market  for  it.  Does  this  technology  provide  a  better 
way  to  do  things?  And  then  let  it  evolve.  And  I  oelieve  that  is  the 
situation  that  we  have. 

Mr.  Flake.  Will  we  see  a  major  proliferation  of  cards  as  people 
try  to  enter  this  market  area  and  then  bringing  it  down,  at  some 
point,  to  Just  a  number,  a  limited  number  of  cards  by  certain 
producers? 

Mr.  Calvert.  Well,  I  won't  speak  from  the  technology  point  of 
view  but  from  the  consumer  point  of  view,  if  you  look  at,  again,  his- 
tory, and  I  do  apologize  for  using  it  but  it  seems  to  be  a  wonderful 
guide,  people  used  to  carry  an  average  of  12  credit  cards.  That  is 
now  on  the  way  down  to  somewhere  between  six  and  seven  cards 
per  average  credit  cardholder. 

What  we  will  see  in  the  future  is  we'll  never  get  to  one  card 
again.  That  would  be  Nirvana,  one  card  that  was  a  cash  card,  it 
was  a  debit  card,  it  was  all  the  things  you  wanted  it  to  be.  The 
technology  is  here  to  do  it;  it's  a  comfort  level  that  people  will  have. 

Mr.  Flake.  Mr.  Lassus. 

Mr.  Lassus.  Well,  from  experience,  there  are  countries  like  Grer- 
many,  France,  Portugal  where  Smart  cards  are  used  every  day  by 
almost  everybody  today.  All  of  the  banking  cards  in  France  have 
a  chip  and  everybody  is  using  that  card.  We  don't  carry  cash  any- 
more. We  got  to  restaurant,  we  go  anywhere,  supermarket,  that's 
the  only  way  of  payment,  including  old  people,  because  they  are 
used  to  it. 

Eveiy  time  a  German  goes  to  see  a  doctor,  he  carries  his  card 
and  he  s  used  to  it.  It's  so  convenient. 

So  when  you  have  a  national  program  like  that  in  place,  it's  so 
easy,  it's  so  convenient  that  people  don't  have  any  limitation.  In 
Portugal  today,  1.5  million  people  every  day  use  electronic  purse, 
which  is  even  more  sophisticated  than  what  we  have  in  France  or 
Germany  or  other  countries. 

So  I'm  very  much  optimistic  because  I  see  it  every  day.  As  I  said, 
we  are  going  to  sell  300  million  cards  this  year,  Smart  cards,  be- 
cause people  are  using  it  for  telephone  in  France.  Maybe  it  was  a 
bit  forceful,  done  by  France  Telecom,  but  you  cannot  call  anymore 
with  a  coin.  None  of  the  telephone  booths  can  use  money,  cash.  It's 
only  Smart  card.  And  it's  happening  also  in  Japan  now. 

So  I'm  very  much  optimistic  about — and  of  course  I'm  singing  for 
my  company,  but  I'm  very  optimistic  about  all  people  can  get  very 
quickly  ready  to  use  Smart  cards. 

In  some  cases  we  see  also  some — we  didn't  mention  about  secu- 
rity— biometrics.  There's  a  new  trend  now  coming.  We  will  be  able 
to  put  fingerprints  into  the  chip.  We  can  put  also  a  picture,  a  pho- 
tograph into  the  chip,  not  only  in  the  plastic  but  in  the  chip. 

Also  we  are  developing  now  a  voice  recognition  system  where 
somebody  goes  to  the  ATM,  for  instance,  and  insert  the  card  into 
the  ATM  and  the  machine  says,  "Good  morning,  Mr.  Flake.  What 
can  I  do  for  you  today?  But  please  could  we  make  a  security  check 
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first?  Could  you  count  from  five  to  ten?"  Then  the  machine 
recognizes  you  and  you  don't  have  to  dial  a  PIN  code. 

So  this  is  really  happening. 

Mr.  Flake.  So  it's  like  voice  security. 

Mr.  Lassus.  Yes,  sir. 

Mr.  Flake.  That's  great. 

Mr.  Lassus.  Somebody  will  tell  you,  "Well,  what  about  somebody 
who  has  a  tape  recorder?"  We  go  into  those  issues,  as  well. 

No,  what's  happening  today,  sir,  it's  incredible.  It's  very  easy  to 
use,  it's  very  secure,  and  we  are  very  optimistic. 

Mr.  Flake,  Well,  I  don't  have  any  more  questions  but  I  certainly 
hope  that  this  wave  is  beneficial  to  everybody  and  that  these  14  or 
15  cards  in  my  pocket — ^fi-equent  flyer  cards  and  a  card  for  every 
single  different  grocery  store  and  a  card  for  health  care  and,  of 
course,  the  other  infamous  cards.  Of  course,  my  cards  are  limited 
compared  to  the  number  that  my  wife  carries. 

So  hopefully  we'll  come  to  that  day  when  we  have  that  one  card 
that  can  do  it  all.  Yes,  sir? 

Mr.  Lassus.  Mr.  Flake,  first  of  all,  it's  good  for  business  so  we 
don't  complain 

Mr.  Flake.  I  do,  but  vour  business  costs  me  money,  anyhow. 

Mr.  Lassus.  Seriously,  with  the  microcomputer  today,  with  the 
operating  system,  and  not  only  ours  but  also  our  competitors,  we 
can  store  already  today  32  different  applications,  totally  independ- 
ent fi'om  the  otner  ones.  The  only  problem,  everyboay  wants  to 
have  his  name  on  the  card.  You  know,  every  issuer  or  every 
operator. 

So  today,  everybody  wants  to  have  his  own  card  but  theoretically, 
we  can  store  32  different  applications — ^banking,  and  so  forth.  But 
I  don't  envisage  in  the  future  to  have  the  health  care  card  share 
with  the  banking  card.  Those  are  two  different  applications. 

But  what  we  see,  I  believe  in  the  year  2010  the  watch  will  be 
the  card.  We'll  have  a  lot  of  information  in  the  watch.  We'll  have 
antennas. 

By  the  way,  you  mentioned  in  Hong  Kong  transportation,  this 
card  is  for  Hong  Kong.  With  an  antenna  inside,  you  don't  have  to 
put  the  card  into  a  slot.  It  can  be  read  at  length.  We  use  it  also 
for  a  toll  payment  system  for  automobiles,  for  roads  and  bridges. 

So  at  the  end  of  the  day  I  believe  in  maybe  10  or  15  years  from 
now  we'll  have  a  portable  object  which  has  a  lot  of  computer  com- 
munication power,  with  the  same  security  features  and  it  will  be 
put  in  place  and  the  watch  will  be  carrying  maybe  the  equivalent 
of  20  cards.  Then  you  have  a  separate  one  for  health  care,  maybe. 

Mr.  Flake.  Well,  that's  moving  in  that  direction  with  that  port- 
able phone,  that  cellular  concept  that  Mr.  Jones  has.  I  think  that's 
a  welcome  progression.  Hopefully  we'll  keep  moving  in  that 
direction. 

Thank  you  very  much,  Mr.  Chairman. 

Chairman  Castle.  Thank  you,  Mr.  Flake.  I'm  surprised  you 
didn't  mention  the  most  expensive  credit  card  in  the  world,  the  vot- 
ing card  of  a  Member  of  Congress  that  we  all  use.  Hopefully  we 
won't  get  those  distributed  too  far. 

Let  me  thank  the  panel  very  much.  You've  brought  an  inter- 
national perspective  to  the  questions.  I  think,  in  many  instances. 
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the  use  of  these  cards  in  these  systems  is  more  advanced  in  Eu- 
rope, in  particular,  than  it  is  in  America,  so  that's  a  good  place  for 
us  to  look  for  lessons  and  what  we  should  be  doing  in  the  future. 
So  we  do  appreciate  veiy  much  your  being  here. 

At  this  point  we'll  take  about  a  three-minute  standing  recess  so 
we  can  bring  our  new  panel  to  the  table. 

I  might  add  one  further  thing.  We  might  have  questions  or  other 
Members  might  have  questions  so  we  may,  if  we  can,  write  to  you 
and  be  able  to  ask  the  questions  and  hopefully  you'll  be  able  to  sub- 
mit answers.  I  must  admit  this  works  a  lot  better  when  you're  a 
public  employee  and  we're  about  to  vote  on  your  appropriation  bill 
or  something  of  that  nature  than  it  does  dealing  with  the  private 
sector,  but  nonetheless,  there  may  be  some  questions  we  just  didn't 
have  time  to  get  to  today  and  perhaps  if  we  can  reserve  that  right 
and,  at  your  pleasure,  you  can  answer  the  questions. 

We  really  appreciate  you  being  here.  You've  probably  come  from 
as  far  as  any  panel  we've  ever  had  before  this  subcommittee,  at 
least,  and  we're  appreciative  of  that,  also. 

So,  with  that,  we'll  have  a  very  brief  recess,  solely  for  the  pur- 
pose of  changing  the  witnesses.  And  again,  thanks  to  all  of  you. 

[Recess.] 

Chairman  Castle.  OK,  I  think  we'll  start,  simply  because  we 
can't  control  the  agenda  around  here.  We  have  both  a  hearing  in 
this  room  a  little  bit  later  and  votes  on  the  floor  at  some  point. 

You  probably  all  were  in  the  room  when  I  mentioned  your  back- 
grounds a  little  bit  and  I  assume  everybody  here  knows  it,  but  you 
might  want  to  identify  yourself  a  little  bit  as  you  begin. 

The  same  rules  will  apply  as  did  before.  We'll  start  with  Mr. 
Westin  and  go  right  through  to  Mr.  Boyles.  You'll  all  get  a  chance 
to  testify  and  those  of  us  who  are  here  at  that  point  will  ask  some 
questions.  But  again,  we  appreciate  you  being  here  a  great  deal.  In 
the  aggregate,  this  has  been  very  helpful  to  all  of  us. 

I  apologize  because  Members  of  Congress  have  to  come  and  go 
to  a  variety  of  meetings,  so  they're  not  nere,  but  we  are,  of  course, 
taking  down  all  the  words  that  you  say  and  they'll  be  part  of  a 
compendium  of  the  other  hearings,  as  well.  There's  been  a  tremen- 
dous amount  of  interest  in  these  hearings  from  all  over  the  coun- 
try, people  asking  for  copies  of  transcripts  of  what  we've  done.  So 
we  think  it's  been  a  valuable  lesson. 

With  that,  we'll  start  with  Mr,  Westin. 

STATEMENT  OF  ALAN  F.  WESTIN,  PROFESSOR,  COLUMBIA  LAW 

SCHOOL 

Mr.  Westin.  Thank  you.  Mr.  Chairman,  members  of  the  sub- 
committee, ladies  and  gentlemen,  my  name  is  Alan  Westin.  I'm  a 
Professor  of  Public  Law  and  Government  at  Columbia  University. 
I've  been  working  on  privacy  issues  for  over  4  decades,  especially 
since  the  publication  of  my  book  "Privacy  and  Freedom"  in  1967. 
I'm  also  the  publisher  of  "Privacy  in  American  Business,"  which  is 
a  national  newsletter  and  conference  organizer  that  focuses  on 
business  privacy  issues  and  financial  privacy  issues  that  have  been 
central  to  our  work  since  the  beginning. 

I  was  asked  to  address  two  issues  by  the  subcommittee.  First, 
what  are  some  of  the  key  privacy  concerns  that  arise  from  new  in- 
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formation  technology  applications  in  the  financial  payments  area? 
And  second,  how  will  the  adoption  of  the  European  Union's  Data 
Protection  Directive  affect  United  States  financial  interests  and 
institutions  operating  in  Europe? 

Let  me  turn  to  the  first  issue:  What  are  the  privacy  issues  that 
are  coming  forward  as  we  move  into  this  new  era  of  electronic  and 
information  technology-driven  financial  affairs?  How  are  consumers 
going  to  be  affected  by  this  and  how  should  public  policymakers 
think  about  the  interface  between  the  privacy  interests  and  the  ef- 
ficiency interests  that  are  involved  here? 

First  of  all,  all  of  the  surveys  that  "Privacy  in  American  Busi- 
ness" has  done  with  Louis  Harris  and  Associates  show  that  when 
you  ask  consumers  to  rate  what  are  the  most  sensitive  record  sys- 
tems about  themselves,  the  financial  record  systems  score  as  the 
most  sensitive,  even  higher  than  medical  records,  when  people  try 
to  assess  the  relative  sensitivity  of  the  information  collected  about 
them. 

It's  also  true  that  if  you  ask  people  who  hold  credit  cards  about 
these  privacy  issues,  they  score  as  more  sensitive  about  privacy 
and  more  concerned  about  privacy  protections  than  the  people  who 
don't  have  credit  cards. 

In  my  testimony  I  go  into  six  trends  that  I  think  are  the  ones 
that  consumers  are  concerned  about  while  they  enjoy  the  benefits 
of  the  new  financial  applications.  First,  the  credit  cards  are  being 
used  for  more  and  more  areas  of  consumer  payments,  from  super- 
markets to  health  care,  and  so  that  expands  the  scope  of  sensitive 
information  that's  contained  in  financial  records. 

Second,  consumer  banking  is  moving  more  and  more  to  target 
marketing  one-to-one,  one-on-one,  which  means  the  compilation  of 
increasingly  detailed  profiles  by  the  banks  in  which  their  customer 
transaction  information,  demographic  information,  psychographic 
and  lifestyle  information  is  bought  from  list  compilers,  are  all 
brought  together  in  order  to  know  more  about  the  consumer  for 
purposes  of  marketing,  and  the  issues  that  arise  are  who  knows 
about  that  information,  what  uses  are  made  of  it,  and  how  com- 
fortable consumers  are  with  that  information  being  held  by  the  fi- 
nancial institution? 

Third,  as  credit  card  and  other  payment  mechanisms  go  into  the 
on-line  and  Internet  world,  we  are  moving  transaction  records  of 
very  high  privacy  sensitivity  without  clear  legal  rules  or  regulatory 
oversight  over  how  the  personal  information  that's  flowing  in  those 
venues  is  to  be  protected  or  is  to  be  even,  in  a  rule  sense,  thought 
about  as  it  travels  in  these  on-line  environments. 

Fourth,  as  we  move  toward  more  on-line  home  banking,  this  will 
lodge  another  sensitive  transaction  flow  with  security  and  privacy 
implications,  where  individuals  will  be  sending  information  from 
their  home  site,  which  will  contain  all  of  the  information  that  used 
to  be  on  checks  or  on  credit  card  transactions. 

Fiflh,  as  Smart  cards,  as  we  saw  in  the  earlier  panel,  are  adopt- 
ed by  educational  institutions,  governmental  bodies,  businesses,  in 
order  to  facilitate  the  storage  of  money  and  the  encryption  on  cards 
of  various  kinds  of  financial  as  well  as  health  and  other  informa- 
tion, that  card  becomes  an  extraordinarily  sensitive  and  attractive 
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instrument  in  terms  of  services  but  also  in  terms  of  threats  to 
privacy  and  privacy  invasion. 

Finally,  as  we  look  at  the  way  developments  are  moving  on  the 
Internet,  we're  creating  service  providers  who  are  running  these 
commimication  systems  but  are  not  themselves  financial  institu- 
tions. So  you  have  companies  running  Internet  activities  that  use 
financial  payment  mechanisms  but  are  not  themselves  subject  to 
the  normal  regulations  of  the  financial  institutions,  and  that  raises 
many  important  policy  questions. 

At  the  same  time  that  these  are  trends  that  offer  threats  to  pri- 
vacy, we  see  that  a  number  of  new  information  technology  develop- 
ments offer  very  positive  relationships  to  privacy.  As  more  and 
more  transactions  are  anonymous,  we  don't  have  any  transaction 
trail  at  all.  And  as  cryptography  and  biometric  identifiers  strength- 
en the  ability  to  make  sure  that  individuals  are  the  ones  who  are 
supposed  to  be  using  various  kinds  of  sensitive  information  and  as 
we  can  completely  protect  through  cryptography  or  strongly  protect 
through  cryptography,  the  security  of  sensitive  information,  we 
limit  the  breaches  of  security  and  confidentiality  that  threaten 
privacy. 

Having  catalogued  this,  let  me  say  that  my  own  feeling  echoes 
that  of  the  chairman  in  opening  the  hearings  that  we're  not  at  a 
regulatory  moment  here,  I  think,  or  one  that  calls  for  legislation. 
Rather,  I  think  that  what  is  needed  is  to  look  at  the  way  in  which 
volimtary  policies  are  being  developed  by  the  leading  and  pro-ac- 
tive companies  and  industry  associations  and  to  see  that  these  are 
being  promulgated  widely. 

For  example,  both  American  Express  and  Citicorp  have  devel- 
oped extensive  consumer  privacy  principles  which  have  been  very 
well  regarded  and  are  commented  on  positively  by  almost  all  of  the 
privacy  advocates  and  consumer  organizations  that  look  at 
voluntary  policies. 

In  the  interest  of  full  disclosure  I  should  say  I  was  a  consultant 
to  both  organizations  so  I  may  be  somewhat  jaundiced  in  believing 
that  they  are  the  right  way  to  go,  but  I  think  they  are  the  right 
way  to  go. 

In  addition,  both  VISA  and  MasterCard  have  come  up  with  state- 
ments of  principles  and  guidelines  which  they've  called  on  their 
member  institutions  to  develop. 

I'm  troubled,  however,  as  I've  said  in  a  number  of  forums,  that 
not  enough  of  the  6,000  issuer  banks  have  taken  those  guidelines 
and  translated  them  into  actual  policies.  And  I  think  that  it's  very 
important  to  encourage  banks,  both  in  terms  of  customer  relations 
and  competitive  advantage  and  social  responsibility,  to  recognize 
that  it  isn't  enough  just  to  have  good  policies  internally;  they  nave 
to  be  communicated  to  their  customers  and  prospective  customers 
so  that  the  rules  of  the  road  are  spelled  out. 

And  the  rules  are  really  very  well  agreed  upon,  I  think,  by  most 
people  who  work  in  the  field.  Notice  and  disclosure  to  the  individ- 
ual about  what  is  being  collected  and  how  the  information  is  going 
to  be  used.  If  secondary  uses  are  going  to  be  made,  opportunity  for 
the  individual  to  opt  out  of  those  uses  that  the  individual  does  not 
want  made  of  their  information  collected  by  a  bank  or  by  a  credit 
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card  or  any  other  financial  institution.  Access  by  the  individual  to 
their  record  for  purposes  of  inquiry  or  challenge. 

And,  along  with  this,  some  things  that  are  not  yet  in  place  but 
I  think  are  going  to  be  considered  by  the  banking  industry  and  by 
consumer  groups,  and  that  is  a  cheap,  fast,  inexpensive  dispute  res- 
olution system  for  consumers  when  it  deals  with  their  privacy  is- 
sues, like  the  ones  we  have  for  consumer  disputes  about  cars  or  fu- 
nerals or  appliances.  There's  no  reason  why  we  can't  add  privacy 
to  the  things  that  can  be  dealt  with  by  those  kinds  of  dispute  reso- 
lution panels. 

Also,  I  think  that  you're  going  to  see  the  United  States  begin  to 
consider  the  possibility  of  developing  certifiable  standards  of  pri- 
vacy in  industries,  and  the  financial  industry  might  very  well  take 
the  lead  here.  That  is,  it's  possible  to  use  an  accounting-type  over- 
sight and  inquiry  in  order  to  certify  that  an  organization  has  in 
practice  the  privacy  principles  that  they  have  announced  and  that 
they  say  they  will  follow. 

So  it's  a  verification  system,  and  I'll  come  back  to  that  in  just  a 
minute  as  to  why  this  may  be  very  important  for  the  Internet  and 
the  on-line  world  in  the  future. 

Let  me  turn  to  my  second  question  that  you  asked  me  to  talk 
about,  the  potential  impact  of  the  European  Union's  Data  Protec- 
tion Directive  on  how  U.S.  companies  operate  abroad. 

As  you  know,  the  European  Union  Data  Protection  Directive  was 
adopted  in  July  of  last  year  and  will  go  into  operations  in  October 
of  1998  and  it  says  that  if  a  U.S.  financial  institution  or  any  U.S. 
company  wants  to  take  information  about  a  customer  in  France  or 
Germany  or  Spain  or  the  United  Kingdom,  it  will  have  to  show 
that  it  has  complied  with  the  European  Union  Data  Protection  Di- 
rective safeguards  if  it  is  to  move  those  data  for  processing  in  the 
United  States  or  anywhere  else. 

The  key  issues  will  be  the  extent  to  which  the  operations  of  a 
company  are  considered  to  provide  what's  called  adequate  data  pro- 
tection. What  is  adequacy  is  the  key  question. 

Before  I  get  to  that,  let  me  just  make  two  key  observations.  One, 
I  think  that  the  European  data  protection  laws  that  have  already 
been  passed  in  13  of  the  15  European  nations  are  an  extremely 
positive  development.  If  I  lived  in  those  countries  I  would  have 
been  a  g^eat  advocate  and  supporter  of  the  adoption  of  those.  Espe- 
cially given  the  record  of  the  Nazi  regimes  in  collecting  information 
and  misusing  information  in  Germany  and  throughout  Europe, 
anything  that  puts  strong  privacy  protections  and  a  regime  of  pri- 
vacy enforcement  into  the  European  countries  is  consistent  with 
their  best  social,  cultural,  legal  traditions,  and  of  democratic  insti- 
tutions in  Europe,  and  I  think  Americans  cheer  the  adoption. 

But  second,  it's  not  a  system  for  us  if  you  understand  our  own 
distinctive  social,  cultural,  political  and  legal  traditions.  And  in  my 
testimony  I  spell  out  but  won't  go  into  at  least  nine  sort  of  key  dif- 
ferences between  the  way  the  United  States  approaches  issues  of 
privacy  and  the  way  in  which  the  administrative  state  regulatory 
traditions  of  the  Napoleonic  Code  in  Europe  approach  those 
institutions  and  questions. 
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As  I  said  in  mv  testimony,  we  broke  off  from  Europe  in  1776  £ind 
I  think  it  would  be  remarkable  if  we  were  to  defer  without 
agreement  with  the  European  approach  to  things  in  1996. 

So  my  conclusion  is  that  the  United  States  ought  to  move  strong- 
ly to  develop  its  own  enhancements  of  privacy  protection  as  the 
new  technologies  roll  in.  not  because  the  Europeans  threaten  us  in 
any  way  but  oecause  its  the  right  thing  to  do  and  it's  in  keeping 
with  our  own  traditions. 

Therefore,  what  can  we  look  forward  to?  Is  there  going  to  be  a 
trade  war,  a  nontariff  barrier  competition  of  a  kind  that  will 
disadvantage  U.S.  companies? 

My  own  feeling  is  that  this  is  not  going  to  happen  if  there's  a 
spirit  of  discussion,  cooperation  and  exchange  between  our  Euro- 
pean friends  and  ourselves.  And  the  reasons  are  as  follows:  First, 
the  Europeans  themselves  understand  that  many  of  the  things  in 
the  European  Directive  are  directed  to  last  generation's  technology, 
not  where  we're  going.  We  don't  have  anymore  the  kind  of  single 
type  of  data  protection  that  the  European  laws  were  designed  to 
deal  with — that  is,  big  mainframe  systems  with  slave  terminals, 
with  communication  systems  that  could  be  closely  audited  and  one 
responsible  keeper  for  a  giant  system  in  an  organization. 

There  are  today  hundreds  oi  millions  of  desktop  computers  with 
power,  intelligence  and  databases  of  personally-identified  informa- 
tion in  them,  and  the  idea  of  data  registration  simply  is  an  idea 
that  will  not  work  in  the  1990's  and  clearly  will  not  in  the  21st 
Century. 

Then,  in  addition,  if  you  consider  the  on-line  and  the  Internet 
world,  it  almost  boggles  the  mind  to  think  about  how  the  specifics 
of  the  European  Data  Protection  Directive  could  be  applied  to  the 
collection,  exchange  and  movement  of  personally-identified  infor- 
mation in  the  Internet  world.  Who's  the  responsible  keeper  and 
what  are  the  channels  that  can  be  monitored  in  an  Internet  world? 
And  where  do  the  standards  come  from,  and  whose  standards  are 
they? 

Why  I  think  eventually,  with  the  right  kind  of  exchange,  we'll 
come  out  in  the  right  way  with  our  European  friends  is  because 
there  are  two  different  ways  that  U.S.  institutions  can  be  allowed 
to  engage  in  transborder  data  flow  as  far  as  information  from  cli- 
ents in  Europe.  One  is  that  individual  nations  of  Europe  judge  that 
our  privacy  regime  in  the  United  States  meets  the  term  "adequate." 
And  my  feeling  is  that  as  we  continue  to  deepen  our  privacy  tradi- 
tion in  the  United  States,  we  are  adequate  and  we  will  be  so 
judged  by  our  European  friends,  especially  if  we  do  some  of  the 
things  like  pass  national  health  information  privacy  legislation, 
which  the  industry  and  privacy  advocates  and  virtually  everyone 
thinks  we  need  to  do  in  order  to  put  the  right  safeguards  on  health 
information  in  the  future. 

But  second,  the  European  Directive  allows  for  an  individual  com- 
pany or  industries,  by  contract  or  by  industry  standards,  to  dem- 
onstrate that  they,  in  fact,  meet  all  of  the  specific  requirements  of 
the  European  Directive.  So  even  if  the  United  States  is  not  held  to 
be  "an  adequate  privacy  regime,"  individual  arrangements  can 
make  it  possible  for  U.S.  companies  to  be  judged  to  have  adequate 
mechanisms  through  contract  or  industry  standards. 
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In  conclusion,  I  hope  very  much  that  the  subcommittee  will  con- 
tinue to  hold  these  kinds  of  hearings.  It's  important  that  the  indus- 
try should  know  that  Congress  is  watching,  that  Congress  is  look- 
ing to  see  that  voluntary  standards  are  developed  that  are  mean- 
ingful, that  technology  tools  are  developed  that  sometimes  can 
solve  the  problems  for  us. 

An  example  last  week  before  the  Federal  Trade  Commission  was 
the  development  of  what  are  known  as  personal  control  filters  by 
which  an  individual  can  indicate  what  kind  of  organizational  poli- 
cies must  be  met  before,  in  the  on-line  and  Internet  world,  that  or- 
ganization is  allowed,  through  the  individual's  own  personally  de- 
nned filter,  to  present  you  with  goods  and  services  or  to  be  your 
financial  transaction  provider. 

The  idea  that  we  can  lodge  to  each  individual  when  he  or  she 
clicks  on  the  on-line  and  Internet  world  the  ability  to  set  the  stand- 
ards is  a  marvelous  way  that  technology  could  facilitate  the  indi- 
vidual's choice  as  to  what  kind  of  privacy  balances  the  individual 
wants. 

So  I  very  much  applaud  the  subcommittee's  effort  to  monitor  this 
area,  to  try  to  get  ahead  of  the  curve  and  to  understand  what  is 
an  extraordinarily  complex  but  vital  issue  to  American  consumers, 
as  well  as  the  American  financial  community. 

[The  prepared  statement  of  Mr.  Alan  F.  Westin  can  be  found  on 
page  164  in  the  appendix.] 

Chairman  Castle.  Thank  you  very  much,  Mr.  Westin. 

Mr.  Ritter. 

STATEMENT  OF  JEFFREY  B.  RITTER,  PROGRAM  DIRECTOR, 
ECLIPS  (AMERICAN  BAR  ASSOCIATION) 

Mr.  RiTTER.  Thank  you,  Mr.  Chairman  and  members  of  the  sub- 
committee. My  name  is  Jeffrey  Ritter.  Since  1990  it  has  been  my 
privilege  to  serve  as  a  member  of  the  U.S.  delegation  to  the  U.N. 
working  party  in  Geneva  that  is  leading  the  effort  to  automate 
international  business  communication  and  trade  contracting.  As 
well,  in  that  role  I've  served  as  a  rapporteur  on  legal  questions. 
And,  along  with  a  colleague  in  Brussels,  it  has  been  our  task  to 
lead  a  70-nation  team  at  addressing  and  developing  solutions  for 
the  legal  barriers  for  global  electronic  commerce. 

I  also  chair  the  American  Bar  Association's  Committee  on  the 
Law  of  Commerce  in  Cyberspace,  not  an  isolated  group  of  techies 
or  geeks.  We  are  over  850  business  and  commercial  lawyers  that 
are  struggling  to  understand  and  develop  solutions  to  these  very 
vital  issues.  'Hiese  comments  today,  however,  are  my  own. 

I'd  like  to  briefly  address  two  simple  straightforward  questions, 
and  in  some  respects  these  oral  remarks  deviate  from  my  written 
testimony  but  are  consistent  with  it. 

Mr.  Flake,  your  questions  this  morning  I  think  provoked  me  to 
recognize  that  in  this  analytical  process  we  must  develop  a  dis- 
cipline for  what  we  are  talking  about.  Is  it  money?  Is  it  legal 
tender?  Is  it  currency? 

And  the  second  topic  that  I  would  like  to  address  is  the  potential 
for  international  private  sector  leadership  in  providing  the  self- 
regulatory  solutions  for  the  global  electronic  marketplace. 
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Turning  to  the  first  issue,  I  think  that  it  is  clear,  as  we  rapidly 
accelerate  commerce  into  the  electronic  sphere,  that  the  notion  of 
a  national  currency,  a  note  or  obligation  of  the  State,  is  rapidly  los- 
ing its  meaningful  value  to  the  consumers. 

Perhaps  more  significantly  than  we  would  even  imagine  in  think- 
ing about  coins  and  bills,  we  are  prepared  today  in  nearly  every 
transaction,  whether  it  is  in  the  Coke  machine  or  whether  it  is  in 
an  exchange  for  goods  in  international  trade,  to  not  satisfy  the  pay- 
ment obligation  with  the  delivery  of  legal  tender,  something  that 
the  nation-state  tells  us  must  be  accepted  in  payment  of  a  debt,  but 
instead,  we  are  willing  to  accept  the  promise  of  someone  else  to 

When  I  offer  a  check,  when  I  use  check-free,  when  I  use  a  credit 
card  as  a  consumer,  I  am  not  tendering  cash  but  I  am  tendering 
to  you  the  promise  of  that  issuer  to  make  payment.  It  is  not  money. 
It  is  not  legal  tender.  And,  as  a  consequence,  it  is  commerce  that 
has  allowed  us  to  accept  these  instruments  as  payment 
satisfactions.  It  is  not  the  law. 

Now,  what  that  means  when  we  look  at  stored  value  and  elec- 
tronic cash  is  that  I  think  we  must  quickly  impose  a  discipline  in 
the  vocabulary.  Money  is  generally  considered,  at  least  in  the  Unit- 
ed States  under  the  Uniform  Commercial  Code,  to  be  the  currency 
adopted  by  the  national  government  as  legal  tender.  Cash  is  not 
necessarily  money.  And  a  task  force  of  the  American  Bar  Associa- 
tion Section  of  Business  Law  now  has  out  what  most  of  us  believe 
to  be  an  absolutely  lucid,  provocative  analysis  of  what  all  these 
technologies  really  are. 

I  think  DANMONT,  the  gentleman  from  Denmark,  is  the  closest 
example  to  what  we  would  call  electronic  money,  meaning  some- 
thing that  is  approved  by  the  central  bank  as  an  electronic  equiva- 
lent, something  that  must  be  accepted  as  legal  tender.  For  the  rest, 
however,  it  is  easy  to  agree  with  the  ABA  task  force  that  what 
most  of  these  payment  mechanisms  represent  are  simply  alter- 
natives, different  means  of  pa5dng  the  bill,  if  you  will,  without  of- 
fering money. 

Well,  what  does  that  mean  for  the  global  Net?  There  is  no  ques- 
tion that  global  electronic  commerce  requires  currency,  and  cur- 
rency is  different.  Currency  is  a  medium  of  exchange  which  does 
not  necessarily  have  to  be  approved  by  a  nation-state  or  a  regional 
government,  such  as  the  European  Union,  but  it  is  something  that 
will  be  accepted  in  payment. 

In  that  regard,  the  payment  systems  of  checks  and  credit  cards 
that  we  have  today  is  a  remarkably  robust  system  of  currency,  and 
that  is  truly  what  the  global  Net  will  require. 

But  currency,  as  a  product,  requires  more  than  just  technology. 
It  requires  a  commercial  framework.  For  the  small  transactions,  for 
the  large  transactions,  the  need  is  uniform.  There  must  be  predict- 
ability in  the  value  and  there  must  be  security  in  the  confidence 
that  the  bill  is  really  being  paid. 

The  timing  of  our  presentation  here,  with  me  preceding  Mr. 
McEntee,  is  perhaps  fortunate  only  in  that  I  was  going  to  cite 
NACHA  as  an  ideal  example  of  where  the  global  Net  must  go.  In 
accepting  our  payments  by  check,  we  do  not  merely  rely  upon  a 
legal  framework,  but  a  complex  system  of  rules  that  have  been  de- 


36 

veloped  by  commerce  in  cooperation  with  the  users  that  define  the 
elements  that  the  Net  and  global  commerce  for  the  consumer  will 
require — a  predictability,  defining  the  elements  of  what  is  a  real 
satisfaction  of  debt;  what  are  the  statement  mechanisms  and  how 
do  we  deal  with  either  the  insolvency  of  the  issuers  or  of  the 
networks  themselves? 

These  kinds  of  constructs  or  rules  are  essential  to  the  ability  of 
the  average  consumer  to  use  electronic  commerce  to  conduct  inter- 
national trade.  How,  then,  can  we  possibly  confront  the  challenges 
of  building  these  rules  on  a  global  basis? 

The  work  that  has  been  accomplished  in  the  United  Nations  is, 
in  fact,  a  wonderful  example,  perhaps  to  the  surprise  of  many  of 
us  in  the  United  States,  of  private  sector  leadership  in  developing 
common  standards  despite  competitive  alternatives.  And  it  is  from 
that  framework  and  other  efforts  of  industry  self-regulation  that 
there  is  now  afoot  indeed  a  global  effort  to  establish  a  new  venue 
in  which  these  kinds  of  commercial  problems  can  be  developed  in 
collaboration  with  government. 

Under  the  working  name  of  the  Internet  Law  and  Policy  Forum, 
over  275  volunteers  from  all  continents  are  now  working  collabo- 
ratively to  establish  a  permanent  organization  where  the  lawmak- 
ing of  the  Net  can  be  achieved  with  greater  acceleration  and  a 
greater  resolve  at  solving  the  problems  once. 

The  kinds  of  concerns  and  issues  that  have  been  raised  in  the 
testimony  today  as  to  the  legal  questions  are  not  germane  just  to 
the  United  States;  they  are  global  questions.  And  the  time  is  appro- 
priate, if  these  technologies  are  to  achieve  their  full  benefits  for 
consumers  and  for  trade,  that  commerce  step  to  the  table  and  com- 
mit itself  to  developing  the  self-regulatory  environment  where  the 
consumer  cEin  have  confidence  in  the  predictability  and  safety  of 
these  mechanisms. 

The  Internet  Law  and  Policy  Forum  is  now  supported  by  over  25 
multinational  companies  who  are  stakeholders  in  the  future  of  elec- 
tronic commerce.  They  have  established  a  fund  that  will  under- 
write the  expenses  of  establishing  the  forum,  with  the  goal  of  being 
able  to  produce  work  products  such  as  model  laws,  codes  of  conduct 
and  the  kinds  of  things  that,  for  example,  Mr.  Westin  has  referred 
to,  as  they  relate  to  a  wide  variety  of  applications. 

Curiously,  to  date,  the  financial  community  has  been  slow  at  the 
global  level  to  see  the  potential  of  the  ILPF  as  a  venue  where  many 
of  these  solutions  can  be  solved.  This  subcommittee  has  distin- 
guished itself  in  its  recognition  of  the  potential  for  self-regulation 
and  might,  in  looking  at  the  findings  of  these  four  hearings,  con- 
sider endorsing  the  possibility  of  different  kinds  of  venues,  such  as 
the  forum,  and  encouraging  corporations  to  seriously  consider  the 
capacity  of  them  to  be  solution  sources. 

Mr.  Chairman,  as  I  said,  NACHA,  SWIFT  out  of  France — there 
are  financial  networks  in  place.  These  are  situations,  in  looking  at 
new  payment  mechanisms,  where  I  do  not  believe  the  consumer's 
entry  onto  the  Net  will  be  facilitated  by  allowing,  if  you  will,  1,000 
flowers  to  bloom.  Uniformity,  predictability  and  standards  of  qual- 
ity are  essential  to  ensuring  consumer  confidence  and  they're 
essential  to  the  stability  of  national  currencies. 
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As  a  final  closing  comment,  in  this  process  it  is  important  to  fa- 
cilitate collaboration  with  government.  The  first  generation  of  the 
Internet  had  a  voice  of  freedom  and  independence  and  anarchy.  It 
is  simply  no  longer  consonant  with  the  voices  of  the  needs  of 
commerce  and  our  consumer  community. 

Collaborating  with  government  to  understand  the  need  for 
auditability,  to  understand  the  need  to  respond  to  criminality  are 
important  hallmarks  in  the  balancing  process  of  self-regulation. 

As  a  witness  this  morning,  I  would  commend  to  you 
DANMONTs  leadership  in  working  v/ith  the  national  central  bank. 
But,  in  this  vein,  it  is  probably  worth  noting  that  in  our  G-7  pro- 
ceedings, in  which  the  United  States  is  an  active  participant,  many 
private  banks  have  indicated  in  hearings  that  the  national  central 
banks  of  the  world  have  been  resistant.  If  you  will,  they  have  been 
refusing  to  acknowledge  the  obvious. 

And  anything  this  subcommittee  might  do  in  encouraging  the 
Federal  Reserve  Board  to  collaborate,  in  encouraging  the  Bank  of 
England,  the  Banque  du  France  to  similarly  collaborate  with  a 
multinational  panel,  such  as  you  have  assembled  today,  Mr.  Chair- 
man, would  be  a  welcomed  response  to  the  potential  of  these  tech- 
nologies to  extend  the  Net  and  electronic  commerce  to  the 
consumer.  Thank  you. 

[The  prepared  statement  of  Mr.  Jeffrey  B.  Ritter  can  be  found  on 
page  188  in  the  appendix.] 

Chairman  Castle.  Thank  you  very  much,  Mr.  Ritter.  We  appre- 
ciate your  testimony. 

Mr.  McEntee. 

STATEMENT  OF  ELLIOTT  McENTEE,  PRESIDENT  AND  CEO, 
NATIONAL  AUTOMATED  CLEARING  HOUSE  ASSOCIATION 

Mr.  McEntee.  Mr.  Chairman  and  distinguished  members  of  the 
subcommittee,  my  name  is  Elliott  McEntee  and  I'm  the  President 
and  CEO  of  the  National  Automated  Clearing  House  Association, 
also  known  as  NACHA.  I  am  pleased  to  have  been  invited  by  the 
subcommittee  to  share  the  views  of  NACHA  on  the  future  of  elec- 
tronic payments,  including  international  transactions. 

We  applaud  the  subcommittee's  effort  to  explore  the  public  policy 
implications  associated  with  the  development  of  electronic  money. 
We  also  support  the  chairman's  view  that  Congress  should  refrain 
from  pursuing  an  active  legislative  approach  to  rulemaking  at  this 
time.  But  we  would  encourage  Congress  to  continue  to  monitor 
important  developments  in  this  area. 

NACHA  is  a  nonprofit  association  owned  by  the  banking  industry 
that  establishes  operating  rules  for  electronic  payments.  We  do  not 
process  any  of  these  transactions;  we  simply  write  the  operating 
rules.  For  example,  we  developed  the  rules  for  ACH  transactions, 
such  as  direct  deposit  to  payroll,  direct  payment,  and  electronic 
data  interchange  transactions.  NACHA's  membership  includes  38 
regional  associations  and  their  13,000  financial  institution 
members. 

The  ACH  network  serves  more  than  500,000  companies  and  over 
50  percent  of  all  households.  Last  year,  3.5  billion  payments  were 
processed  through  the  ACH  network,  including  over  500  million 
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Federal  Government  payments.  The  total  value  of  those 
transactions  was  over  $11  trillion. 

In  1974,  NACHA  developed  the  first  national  set  of  rules  jfovern- 
ing  the  ACH  network.  We  developed  these  rules  before  the  Elec- 
tronic Funds  Transfer  Act  was  enacted  by  Congress.  In  some  areas, 
the  NACHA  rules  provide  more  robust  consumer  protection  than 
Federal  laws. 

A  common  purpose  of  all  payment  system  operating  rules  is  to 
establish  the  rights,  responsibilities  and  liabilities  for  all  the  par- 
ties that  are  involved  in  processing  the  transaction.  Under  payment 
system  rules,  a  party  to  a  transaction  provides  certain  warranties 
to  its  counterparty.  In  exchange  for  these  warranties,  settlement  of 
the  transaction  takes  place. 

We  take  great  pride  in  our  ability  to  bring  together  payment  sys- 
tem stakeholders  in  the  development  of  private  sector  rules.  For  ex- 
ample, NACHA's  EBT  Council  recently  approved  the  first  set  of  na- 
tionwide EBT  operating  rules  that  will  provide  the  framework  for 
a  nationwide  electronic  benefit  transfer  system.  These  rules  re- 
sulted from  the  cooperation  of  State  and  Federal  agencies,  financial 
institutions,  bank-owned  networks  and  the  merchant  community. 
We  expect  at  least  40  States  to  use  these  rules  for  their  EBT 
systems. 

Let  me  now  move  on  to  discussing  cross-border  transactions.  Ex- 
pansion of  world  trade  doubles  every  5  years  and  there's  a  need  for 
a  safe,  convenient  payment  system  to  handle  types  of  transactions 
not  conducive  to  wire  transfer  or  card-based  systems  like  you  heard 
in  the  earlier  panel.  NACHA  created  a  Cross-Border  Payment 
Council  to  develop  the  framework  to  satisfy  this  need. 

In  recognition  of  the  priorities  imposed  by  the  North  American 
Free  Trade  Agreement,  the  Cross-Border  Council  recently  approved 
rules  governing  electronic  payment  exchange  between  the  United 
States  and  Canada  and  we're  now  working  very  closely  with  the 
Central  Bank  of  Mexico  to  include  Mexican  transactions  in  this 
fi*amework. 

The  rules  cover  many  types  of  recurring  payments,  such  as  pay- 
roll, annuity  and  pension  payments,  consumer  bill  payments,  such 
as  insurance  premiums,  and  commercial  trade  payments.  Looking 
beyond  NAFTA,  other  countries  can  be  accommodated  as  imple- 
mentation of  the  cross-border  rules  advance  in  North  America. 

To  facilitate  this  evolution,  we've  been  consulting  with  a  number 
of  central  banks  and  private  organizations  around  the  world.  The 
ultimate  objective  is  to  provide  a  global  fi*amework  so  that  consum- 
ers, businesses  and  financial  institutions  may  initiate  and  receive 
payments  internationally  with  the  same  ease  and  safety  as 
domestic  transactions. 

Another  important  NACHA  objective  is  the  development  of  a  se- 
cure and  reliable  payment  system  for  Internet-based  commerce. 
Studies  indicate  that  at  least  15  million  Americans  now  use  the 
Internet.  However,  use  of  the  Internet  for  purchasing  goods  and 
services  is  still  in  its  infancy. 

The  very  attributes  that  make  the  Internet  attractive — ^unre- 
stricted worldwide  access — also  represent  significant  challenges 
from  a  security  and  payment  processing  perspective.  Nonetheless, 
we  view  the  Internet  as  a  promising  vehicle  for  electronic  com- 
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merce,  both  domestically  and  internationally,  provided  certain 
conditions  are  satisfied. 

Before  widespread  public  acceptance  of  the  Internet  as  a  means 
to  transfer  value  can  be  guaranteed,  issues  such  as  data  security, 
payment  authorization,  privacy,  risk  management  and  dispute  res- 
olution will  need  to  be  addressed  by  the  private  sector. 

Until  all  these  issues  are  thoroughly  understood  and  resolved, 
consumers,  merchants  and  financial  institutions  alike  will  lack  the 
necessary  level  of  confidence  to  utilize  the  full  potential  of  the 
Internet  as  a  delivery  channel  for  commerce. 

Recently  we  established  an  Internet  Council  to  help  meet  this 
challenge.  Its  mission  is  to  develop  sound  risk  management  and 
business  practice  standards  and  operating  rules  to  ensure  that 
Internet  commerce  is  developed  in  a  safe  and  secure  manner.  And 
since  access  to  the  Internet  is  global,  a  critical  part  of  this  process 
will  be  international  cooperation. 

In  closing,  we  see  great  promise  in  the  developing  electronic  pay- 
ment technologies  that  this  subcommittee  is  now  addressing,  and 
we  believe  that  the  private  sector  in  the  banking  industry  has  the 
ability  to  address  important  public  policy  requirements,  but  we 
would  also  suggest  that  this  subcommittee  continue  to  monitor  de- 
velopments in  this  area. 

I  welcome  any  questions  from  the  subcommittee  at  the  appro- 
priate time  and  I  also  invite  any  members  of  the  subcommittee  and 
the  staff  to  visit  NACHA  on  the  Internet.  Our  address  is 
www.nacha.org.  Thank  you. 

[The  prepared  statement  of  Mr.  Elliott  C.  McEntee  can  be  found 
on  page  198  in  the  appendix.] 

Chairman  Castle.  Thank  you,  Mr.  McEntee. 

Mr.  Boyles. 

STATEMENT  OF  DAVID  BOYLES,  SENIOR  VICE  PRESIDENT  FOR 
NEW  BUSINESS  VENTURES,  SMART  CARDS  AND  STORED 
VALUE,  AMERICAN  EXPRESS 

Mr.  Boyles.  Good  afternoon,  Mr,  Chairman  and  members  of  the 
subcommittee,  ladies  and  gentlemen.  I'm  David  Boyles,  the  Senior 
Vice  President  of  New  Business  Ventures  in  our  Stored  Value 
Group  and  I  also  head  up  our  Global  Smart  Card  Center  of  Excel- 
lence. 

I'm  very  pleased  to  be  here  to  have  this  opportunity  to  discuss 
stored  value  and  also  was  asked  to  discuss  the  proposed 
amendment  to  Regulation  E. 

I  want  to  thank  you,  Mr.  Chairman,  for  your  leadership  in  the 
issue  of  the  future  of  money  and  to  you  and  Mrs.  Roukema  and 
members  of  the  subcommittee  for  inclusion  of  the  stored  value 
exemption  from  Reg  E  in  the  pending  regulatory  relief  bill, 

I  thought  it  might  be  helpful  to  put  stored  value,  which  is  pri- 
marily vvnat's  been  talked  about  here,  in  a  market  context,  and  I'll 
use  U,S,  numbers  as  a  way  to  talk  about  that. 

If  you  look  at  the  way  consumers  pay  for  goods  and  services, 
many  of  them  prefer  to  pay  later,  particularly  in  the  United  States, 
and  that's  credit  cards,  charge  cards,  post-paid  phone  cards,  and  so 
forth.  This  is  a  very  large  market  in  the  United  States  I'll  show  you 
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later  on  that  the  United  States  is  somewhat  different  from  the  rest 
of  the  world  in  that  regard. 

The  largest  arena  in  terms  of  consumers  pajdng  falls  into  the 
pay-now  category,  primarily  personal  checks  and  electronic  funds 
transactions  at  the  point  of  sale,  but  we  would  also  consider  most 
ACH  transactions,  automated  clearinghouse  transactions,  to  fall 
into  this  category  because  consumers  expect,  even  if  the  actual 
clearing  only  takes  a  day  or  two,  that  this  really  is  a  pay-now-type 
transaction. 

Finally,  we  have  the  pay-before  category  which,  in  the  United 
States,  is  about  $800  billion,  and  this  includes,  in  our  mind,  cash, 
travelers  checks,  money  orders,  prepaid  mass  transit  cards,  prepaid 
telephones  and  E-purses.  When  I  include  cash  in  it  you  will  often 
see  members  of  the  electronic  purse  industry  holding  up  cash  and 
saying,  "Remember,  this  is  the  same  as  your  Smart  card  or  your 
electronic  purse." 

It's  important  to  note  here  that  payment  patterns  do  differ  by 
country  and  in  most  of  the  English-speaking  countries,  like  the 
United  States  and  Canada,  and  to  a  lesser  extent  the  United  King- 
dom and  Australia,  people  pay  quite  frequently  in  terms  of  pay- 
later.  Elsewhere  in  the  world — ^for  instance,  Japan  and  Grermany — 
consumers  prefer  pay-now  or  pay-before. 

I  would  also  point  out  that  stored  value  cards  are  really  a  rapidly 
growing  industry.  Starting  back  in  about  1988  with  the  numbers 
that  we  have  found,  we  believe  that  less  than  500  million  prepaid 
cards  were  sold  worldwide,  prepaid  or  stored  value  cards.  Those  are 
primarily  driven  by  telecom  numbers,  the  red  column. 

I'll  also  note  that  there's  been  a  fairly  fast  growth  of  traffic  in 
mass  transit  cards  and  the  other  category  includes  things  like  cam- 
pus cards  and  general  purpose  E-purses. 

Interestingly  enough,  we  believe  that  in  1995  around  2.3  billion 
prepaid  cards  were  sold  worldwide.  To  point  out  again  the  dif- 
ferences in  regions  of  the  world  and  what  they  use  in  terms  of 
cards,  it's  also  clear  that  the  United  States  is  not  necessarily  a 
leader  in  this  category. 

Going  by  1994  numbers,  because  we  do  not  have  1995  numbers, 
about  850  million  prepaid  cards  were  sold  in  the  Far  East,  and 
those  were  driven  primarily  by  NTT  in  Japan.  Europe  is  also  a  big 
user  of  prepaid  cards  and  growing  rather  rapidly.  We  think  their 
numbers  are  up  dramatically  for  1995,  but  again,  these  numbers 
are  driven  primarily  by  prepaid  telephone.  Notably  again,  North 
America  is  not  a  huge  user,  at  this  point  in  time,  at  least,  of 
prepaid  cards. 

Let  me  now  talk  a  little  bit  about  American  Express  and  its  his- 
tory in  stored  value.  We've  actually  been  a  provider  of  stored  value 
for  105  years  in  the  form  of  travelers  cheques.  In  1891,  our  first 
year  in  business  with  travelers  cheques,  we  sold  $9,120  worth  of 
travelers  cheques.  Last  year  the  equivalent  number  was  $25.4 
billion. 

Travelers  cheques  are  actually  the  original  stored  value  product 
and  I  think  a  model  of  safety  and  soundness  for  the  industry.  We're 
subject  to  regulation  on  a  State-by-State  basis.  We're  licensed  in  43 
States  to  issue  travelers  cheques  and  these  licenses  require  us  to 
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hold  100  percent  of  funds  in  reserve,  in  accordance  with  permis- 
sible investment  statutes,  primarily  high-grade  bonds. 

Many  of  the  States  require  bonds  to  be  filed,  annual  and  quar- 
terly reports  and  annual  audits.  Most  States  that  we  have  polled 
have  already  expressed  favorable  opinions  regarding  their  willing- 
ness to  regulate  new  stored  value  products  under  existing  travelers 
cheque  laws.  My  conclusion  on  that  is  that  there  are  existing  regu- 
latory schemes  which  can  apply  to  these  products. 

Next,  with  regard  to  technologies  used  for  stored  value  products, 
whether  it's  paper,  chip  cards  or  Internet  E-cash,  these  are  merely 
different  technologies  for  fulfilling  the  same  function.  That  function 
is  the  consumer's  prepayment  of  funds  to  an  issuer  in  return  for 
a  travelers  check,  a  card,  a  note  or  other  promise  to  pay  or  promise 
to  provide  services  at  a  later  date. 

I've  taken  the  travelers  cheque  and  drawn  out  a  process  flow  for 
it,  if  we  could  have  that.  One  of  the  interesting  things  I'd  like  to 
point  out  here  is  to  consumers  it  doesn't  matter  what  technology 
is  used  for  prepajonent  of  stored  value.  Typically  there's  an  issuer, 
who  provides  a  product  to  a  selling  outlet.  The  selling  outlet  sells 
that  product  to  the  consumer,  who  then  uses  it  to  pay  for  goods  or 
services  at  a  merchant. 

Those  products,  in  this  case  the  travelers  cheque,  are  then  depos- 
ited at  the  merchsmt's  merchant  bank  and  go  back  through  a  clear- 
ing function  to  the  issuer  and  therefore  settle  out. 

If  you  look  at  an  on-line  stored  value  card,  the  process  is  exactly 
similar  to  the  consumer.  They  go  to  a  selling  outlet  to  buy  the  card, 
they  use  the  card  for  goods  and  services,  and  then,  behind  the 
scenes,  there's  a  method  for  transaction  authorization  and  the  set- 
tlement of  funds.  In  this  particular  case  the  main  difference  is  that 
there  is  an  on-line  authorization  for  a  prepaid  card. 

I  might  note  that  in  certain  parts  of  the  world  we  actually  have 
on-line  authorizations  for  travelers  cheques.  It  does  happen. 

Next,  if  you  go  to  a  typical  process  flow  for  off-line  prepaid  cards, 
again  for  the  consumer,  it  looks  exactly  the  same.  The  consumer 
buys  the  card,  for  instance,  a  DANMONT  card  from  a  selling  out- 
let, uses  the  card  for  goods  or  services.  The  major  difference  here 
between  the  prior  slide  is  that  the  transaction  actually  occurs  at 
the  terminal  level.  That  typically  is  possible  only  with  chip-based 
cards  or  special  mag-striped  cards.  So  the  authorization  takes  place 
at  the  terminal.  Later  there's  a  transaction  batch  sent  through 
some  kind  of  clearing  system  to  the  issuer  again.  The  major  point 
here  is  that  to  the  consumer,  it  all  looks  alike. 

I'd  like  to  compare  briefly  on-line  versus  off-line  products  because 
these  are  going  to  be  proposed  to  be  regulated  c^fferently  in  the 
Federal  Reserve's  amendment  to  Reg  E.  I've  provided  to  each  of 
you  three  types  of  American  Express  stored  value  products.  One  of 
them  is  an  Aspen  Ski  Funds  card.  It  looks  like  this.  These  are  $100 
cards.  I  might  point  out  to  the  subcommittee  that  there's  no  value 
on  them,  so  you  can't  spend  them. 

Second,  I've  provided  a  card,  a  green  card — it  looks  like  this — 
which  is  an  Incentive  Funds  card.  This  card  is  used  by  corporations 
to— it's  provided  to  distributors  and  employees  and  it's  actually 
used  as  a  bonus-type  product.  The  card  is  given  to  the  distributor 
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or  the  employee  and  as  they  earn  bonuses,  value  is  put  on  the  card 
and  then  the  employee  or  the  distributor  can  spend  the  fimds. 

The  Aspen  card,  if  I  might  back  up  to  this,  was  used  this  season 
at  Aspen  and  Snow  Mass  and  we  had  several  variations  of  this,  but 
primarily  one  of  the  uses  for  this  t3T)e  of  card  was  to  give  a  card 
to  an  older  child  instead  of  providing  a  credit  card  or  charge  card, 
and  that  child  could  go  and  buy  meals  or  ski  school  or  anything 
like  that  without  having  to  carry  cash  or  find  the  parent. 

We  also  had  a  card  that  incorporated  a  lift  ticket  and  stored 
value  on  the  same  card,  with  much  the  same  functions. 

Finally,  I've  provided  to  you  a  Phone  Funds  card  of  a  $5  value. 
This  one  does  work.  We  cleared  this  through  the  Ethics  Committee, 
so  this  is  appropriate,  and  that's  because  it  has  nominal  value  and 
we  thought  it  had  educational  purposes.  So  in  this  particular  case 
it  does  have  funds  on  it,  or  at  least  phone  time  on  it,  and  was  ap- 
proved by  the  Ethics  Committee. 

This  particular  card,  if  you  pull  it  out  of  the  packet,  does  not 
have  a  mag  stripe,  does  not  have  a  chip.  It's  activated  by  dialing 
a  1/800  number.  So  anywhere  you  are  in  the  United  States,  if  you 
can  dial  a  1/800  number  you  can  actually  use  the  time  on  this  card. 
So  you're  not  restricted  to  pay  phones  or  hotel  phones;  you  can  use 
it  anywhere. 

I'd  like  to  take  an  example  of  the  Ski  Funds  card,  the  one  from 
Aspen  and  Snow  Mass,  and  compare  it  to  another  card,  which  is 
chip-based.  Smart  card-based,  and  is  issued  by  a  financial  institu- 
tion in  the  United  States.  These  two  cards  are  basically  purchased 
the  same  way — again,  at  some  kind  of  selling  outlet.  They're  used 
in  the  same  way.  You  go  and  purchase  the  goods  and  services  that 
you  want.  Again,  this  one  is  an  off-line  chip-based  card.  This  is  an 
on-line  card,  mag-striped  card. 

One  interesting  difference  is  if  you  read  the  back — let  me  read 
the  back  of  the  chip-based  card  first,  and  Fll  quote  this.  It  says, 
'Treat  this  card  like  cash.  If  lost  or  stolen,  it  will  not  be  replaced." 
So  this  is  very  much  similar  to  the  DANMONT  card. 

If  you  take  the  Aspen  Snow  Mass  card  off  and  read  what  it  says 
on  the  back  of  it,  and  I  quote  part  of  what's  on  here,  "If  lost  or  sto- 
len or  for  a  refund,  call  1/800/SKI-0929."  So  this  card,  because  it 
is  an  on-line-type  card,  actually  offers  more  protection  to  the 
consumer  because  we  know  how  much  money  has  been  spent  on  it 
and  when  it's  lost  we  can  cancel  the  card  and  replace  it. 

I've  been  asked  to  address  a  proposed  Reg  E  amendment  and  we 
do  have  some  concerns  about  that  as  it  applies  to  different  tech- 
nologies. Again,  my  point  being  with  the  flow  charts  I  showed 
earlier  that  these  technologies  are  very  similar. 

A  proposed  Reg  E  amendment  is  not  applied  uniformly.  It's  more 
or  less  Dased  on  the  technology  used.  So  this  on-line  card,  which 
operates  very  similar  to  the  chip-based  card,  gets  regulated  more 
heavily  than  the  chip-based  card.  We  think  this  unequal  regulation 
of  technology  will  result  in  a  slowing  of  the  development  of  these 
payment  products.  And  we  also  think  that  these  on-line  products 
which  offer  the  consumer  the  most  protection  would  be  those  that 
would  be  most  regulated  and  therefore,  most  likely  to  not  succeed. 

Different  levels  of  regulation  based  around  product  technology, 
not  around  the  way  it's  used,  will  also  be  confusing  to  consumers 
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and,  I  think,  very  different  for  regulators  to  apply  and  for  the 
judiciary  to  interpret. 

And  some  of  the  regulations,  we  believe,  actually  make  no  sense; 
for  instance,  requiring  a  receipt  for  an  on-line  transaction.  So 
again,  if  you  were  to  use  this  product  in  the  Coke  machine,  it 
would  require  a  receipt.  If  you  use  the  off-line  Smart  card-based 
product,  it  would  not  require  a  receipt  for  the  same  purchase,  and 
we  think  that  would  be  very  confusing  and  difficult  to  implement, 
and  also  expensive. 

Given  that  the  industry  is  in  its  infancy,  we  would  urge  great 
care  and  circumspection  by  the  Federal  Reserve  Bank  and  by  Con- 
gress before  any  significant  regulation  is  attached  to  these 
products. 

I  want  to  close  by  thanking  the  subcommittee  for  the  opportunity 
to  brief  them  on  the  stored  value  market  and  some  of  the  exciting 
financial  products  we  have  under  development  and  offer  to  be  a  re- 
source as  you  study  these  issues,  to  answer  any  questions  you  may 
have. 

As  part  of  our  presentation  I  also  have  with  me  Don  Endruss  of 
American  Express  Special  Teams,  who  can  demonstrate  our  Cam- 
pus Funds  product,  which  is  a  product  in  about  200  institutions 
around  the  United  States,  and  show  how  our  on-line  campus  sys- 
tems work.  We  can  either  do  that  now  or  after  the  questioning,  at 
your  pleasure.  Thank  you. 

[The  prepared  statement  of  Mr.  David  Boyles  can  be  found  on 
page  219  in  the  appendix.] 

Chairman  Castle.  There's  just  two  of  us  here  at  this  point  and 
we  just  have  a  few  questions  so  maybe  we  should  run  through  a 
few  questions  and  then  again,  because  of  the  passage  of  time  and 
other  things  going  on  today,  I  do  reserve  the  right,  if  we  can,  to 
submit  questions  to  you  and  I  hope  that  you'll  respond  to  them  in 
writing. 

I  just  had  a  couple  of  things  that  I  wanted  to  ask  as  we  went 
along  on  an  individual  basis.  Let's  start  with  you.  Professor  Westin. 

Which  problems  do  you  think  might  be  able  to  be  self-regulated 
by  the  industry — this  is  sort  of  a  general  question — ^and  which  will 
require  government  intervention?  If  government  regulations  take 
place,  who  would  you  want  to  fulfill  this  role,  in  terms  of 
regulators,  and  so  forth? 

I'm  not  suggesting  we're  ready  to  do  all  this,  as  we've  discussed 
earlier  todayTbut  just  in  a  general  sense,  where  do  you  think  it  will 
break  down  in  terms  of  what  needs  to  be  regulated  and  who  needs 
to  regulate  it? 

Mr.  Westin.  I  think  you  have  to  probably  separate  the  world  into 
the  on-line  and  the  non-on-line.  The  non-on-line  world,  I  think  that 
what  you  want  the  industry  to  do,  as  I  indicated  briefly,  is  to  ad- 
dress the  application  of  fundamental  fair  information  practices 
standards  to  the  way  in  which  banks  are  currently  collecting  and 
using  consumer  information,  and  the  same  thing  in  the  credit  card 
and  charge  card  world. 

So  the  things  that  I  mentioned,  such  as  notifying  consumers 
about  what  information  is  collected  and  providing  opt-out,  and  so 
forth,  would  be  what,  I  think,  needs  to  be  done  much  more  widely 
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and  communicated  much  more  directly  to  the  consumer  than  is 
presently  the  case  in  the  financial  industry. 

In  the  on-line  world,  I  think  that  what  we're  searching  for  is  the 
combination  of  clear  standards  and  new  technology  tools  with 
which  to  allow  individuals  in  the  on-line  and  Internet  world  to  be 
able  to  protect  themselves  more  effectively.  That's  why  I  cited  the 
example  of  the  FTC  hearings,  where  the  FTC,  in  the  same  way 
that  you  did,  the  chairman,  Mr.  Pitofsky  of  the  FTC,  said  we're  not 
here  last  week  at  the  hearings  to  engage  in  a  regulatory  or  legisla- 
tive effort  but  rather,  to  try  to  encourage  industry  to  come  up  with 
the  standards  and  the  tools  that  are  necessary. 

In  the  on-line  world,  I  think  you  need  to  have  standards,  again, 
that  allow  institutions  that  want  to  be  trusted  and  therefore,  to 
have  people  use  their  services  for  buying  or  communicating,  to  be 
able  to  know  what  those  standards  are  that  the  organizations  have. 

The  example  I  gave  of  the  personal  information  filter  really  is  a 
very  good  one.  It  means  that,  for  example,  if  a  bank  wants  to  pro- 
vide services  on-line,  it  can  certify  that  it  has  the  following  stand- 
ards and  it  can  have  on  its  screen  a  little  icon  that  indicates  that 
it  has  been  certified  as  having  those  policies  and  practices  in  place. 

And  they  won't  get  through  to  me  unless  I  see  their  icon,  and  I 
can  set  up  an  automated  system  where,  when  anybody  comes  at  me 
with  goods  and  services  or  wants  to  communicate  with  me,  I  check 
to  see  if  their  icon  is  on  the  screen.  If  it  isn't,  they're  in  the  void, 
in  the  ether.  They'll  never  get  through  to  me. 

So  I  think  that  that  combination  of  principles  and  technology 
tools  is  what's  very  exciting  about  the  way  in  which  the  privacy 
protection  on  the  Internet  could  develop. 

Chairman  Castle.  Thank  you.  Professor. 

Mr.  Ritter,  in  ^our  project  does  it  envision  electronic  commerce 
coming  under  existing  banking  and  finance  laws  or  is  new  legisla- 
tion necessary  to  fully  regulate  and  respond  to  the  challenges  posed 
by  the  industry? 

Mr.  Ritter.  By  the  project,  I  assume  you're  referring  to  the  task 
force  of  the  American  Bar  Association? 

Chairman  Castle.  I  am  referring  to  the  task  force,  yes,  sir. 

Mr.  Ritter.  The  task  force  report  is,  in  its  original  purpose,  de- 
signed to  simply  give  a  commercial  law  perspective.  Most  commer- 
cial law,  of  course,  is  merely  a  ratification  of  what  businesses  fig- 
ured out  as  the  rules  of  the  road  for  conducting  trade. 

When  we  looked  at  the  efforts  under  way  in  the  Reg  E  revisions 
and  other  areas  where  banking  is  regulated,  it  seemed  that  the 
commercial  law  considerations  were  not  being  taken  into  account. 

The  task  force  has  not  yet  completed  its  report.  The  purpose  of 
the  report  was  more  to  identify  issues  than  to  make  recommenda- 
tions. But  I  believe  all  of  us  are  strong  proponents  of  the  capacity 
of  business  to  lead  the  way  in  setting  the  rules  and  standards. 

Article  4(a)  of  the  Uniform  Commercial  Code  was  only  enacted  by 
most  of  the  States  of  this  Nation  in  the  early  1990's.  By  that  time, 
we  were  moving  over  $1  trillion  a  day  through  the  private  net- 
works and  settlement  mechanisms  that  the  banks  themselves  had 
established.  That  historical  anecdote  is,  I  believe,  testimony  to  the 
capacity  of  commerce  to  write  the  rules,  to  then  be  confirmed  by 
the  law. 
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From  my  perspective,  speaking  personally,  this  process  must  ag- 
gressively take  into  account  the  need  for  auditability  of  the  trans- 
actions. I  think  commerce  must  recognize  that  and  to  fail  to  em- 
brace that  in  their  self-regulatory  initiatives  will  only  embroil  the 
necessity  of  government  to  assume  a  more  active  role  than  perhaps 
is  required  in  the  first  instance. 

If  we  fail  to  allow  for  properly  valid  inspection  and  examination 
of  transactions,  either  for  criminality  or  for  tax  collection,  we  fail 
to  define  the  proper  jurisdictional  nexus — ^you  know,  how  do  gov- 
ernments look  at  the  transactions  across  boundaries? — we're  simply 
not  doing  the  job  right  and  we  leave  little  choice  but  for  govern- 
ment to  be  more  active  in  asserting  its  regulatory  jurisdiction. 

Chairman  Castle.  Thank  you. 

Mr.  McEntee,  in  your  cross-border  rules  development  process, 
how  do  you  overcome  impediments  to  U.S.  banks  handling  inter- 
national payments  due  to  differences  between  the  laws  of  the  Unit- 
ed States  and  other  countries? 

Mr.  McEntee.  There's  two  concerns  that  we  have  regarding 
cross-border  transactions.  One  is  that  consumer  protection  laws 
vary  from  country  to  country  and  that  is  a  challenge,  but  we're 
pretty  optimistic  that,  in  most  cases,  there  will  be  a  way  to  bridge 
the  differences  between  the  consumer  protection  laws  in  different 
countries.  However,  in  certain  cases  certain  payment  applications 
may  never  be  implemented  because  of  those  differences. 

From  the  United  States  standpoint,  however,  there's  a  far  more 
serious  concern  and  it's  not  a  consumer  protection  law;  it's  a  law 
dealing  with  the  Office  of  Foreign  Assets  Control  or  OFAC.  The 
regulations  of  OFAC  were  intended  to  block  transfers  going  into  ac- 
counts that  are  owned  or  controlled  by  known  enemies  of  the 
United  States. 

And  certainly  the  underlying  purpose  of  those  regulations  make 
a  lot  of  sense  from  a  public  policy  standpoint,  but  from  a  payment 
system  operations  standpoint,  they're  virtually  impossible  to  com- 
ply with  in  many  respects.  I'll  just  give  you  a  quick  example. 

There  are  literally  hundreds  of  Castros  living  in  Miami  and  sev- 
eral of  them  may  be  being  paid  by  direct  deposit  but  every  financial 
institution  that  handles  that  transaction,  in  essence,  needs  to  look 
at  that  transaction,  block  the  transfer,  make  sure  it's  not  going  to 
Fidel  Castro.  That  does  not  make  sense  in  a  system  that's  handling 
millions  and  millions  of  direct  deposit  to  pajrroll  payments  each 
day. 

There  are  a  lot  of  concerns  on  the  part  of  financial  institutions 
that  unless  there  is  some  regulatory  relief  in  the  OFAC  area,  it  will 
have  a  long-term  adverse  impact  on  the  United  States  as  the  finan- 
cial capital  of  the  world  and  also  the  U.S.  dollar  as  the  most  impor- 
tant currency  in  the  world.  I  would  be  glad  to  submit  a  report  to 
the  subcommittee  on  this  particular  problem  if  the  subcommittee 
would  like  us  to  do  that. 

Chairman  Castle.  Certainly  any  information  we  can  gather,  we 
would  love  to  have.  Thank  you. 

[The  report  referred  to  by  Mr.  McEntee  can  be  found  on  page  198 
in  the  appendix.] 
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Mr.  Boyles,  I  think  I  will  not  ask  you  a  question  now  since  we're 
going  to  have  your  demonstration  here  in  a  few  minutes,  but  111 
see  if  Mr.  Flake  has  any  questions  for  the  panel. 

Mr.  Flake.  Thank  you  very  much. 

I  really  only  have  one  question  and  that's  to  Mr.  Ritter.  As  this 
whole  process  evolves,  as  we  see  this  movement  taking  place, 
where  do  you  see  the  role  of  the  banking  industry  as  we  know  it 
now,  once  we  get  to  that  point  where  cards  become  basically  the 
primary  modus  operandi?  What  do  we  need  to  do  here  in  terms  of 
assessing  what  the  beink  role  is  going  to  be  and  what  kind  of  proc- 
esses we  need  to  put  in  place  to  safeguard  any  potential  of  the 
banks  being  in  any  way  jeopardized  in  relationship  to  safety  and 
soundness  issues? 

Mr.  Ritter.  Mr.  Flake,  I'm  not  sure  I'm  the  best  witness  on  that 
type  of  a  question  but  I'll  try  to  be  responsive. 

One  of  the  things  that  has  made  the  ability  of  commerce  to  ac- 
cept, if  you  will,  the  personal  check,  instead  of  money  as  a  means 
of  satisfying  the  payment  obligation,  has  been  the  confidence  of  the 
consumer  and  the  business  that  that  check  is,  in  fact,  underwritten 
by  substantial  assets  and  that  those  assets  are,  in  fact,  supported 
by  national  money,  in  terms  of  the  volume  of  deposits. 

When  we  look  at  the  global  market,  I  believe  the  cross-border 
project  that  NACHA  is  undertaking  and  some  of  the  activity  in 
Brussels  that  SWIFT  is  undertaking  are  only  the  first  steps  toward 
developing  a  consumer  confidence  that  all  banks  and  the  banking 
network  as  a  whole  have  the  same  degree  of  care,  the  same  degree 
of  resources  behind  these  payment  mechanisms  as  we  have 
promoted  here  in  the  United  States. 

My  own  opinion  is  that  the  banking  industry  plays  a  bridge  be- 
tween national  monies  and  these  different  payment  mechanisms 
that  is  an  essential  role  for  the  future  of  commerce  on  the  Net.  To 
completely  bypass  the  banking  network  would,  though  the  tech- 
nology exists  perhaps  to  do  so  with  some  of  the  products  that  we 
have  seen  today,  is  going  to  place  a  tremendous  pressure  on  those 
companies  to  find  mechanisms  that  will  earn  consumer  confidence. 

It  is  not  widely  known,  but  when  we  speak  of  the  travelers  check 
as  a  stored  value  card  or  device,  that  indeed  at  the  State  govern- 
ment level,  there  are  many  laws  in  place  that  require  the  same 
kind  of  financial  standards  and  solvency  to  be  in  place  behind  the 
issuer  to  assure  consumer  confidence  can  be  placed  in  those 
mechanisms. 

Those  kinds  of  standards  are  going  to  be  essential  to  assuring 
the  mobility  and  the  competitiveness  of  some  of  these  payment  in- 
struments. Whether  or  not  this  subcommittee,  the  Committee  as  a 
whole  must  mandate  the  development  of  financial  standards,  oper- 
ating standards,  reserves  of  national  currencies  behind  the  issuers 
is,  consistent  with  my  remark  to  the  chairman's  question,  some- 
thing I  would  hope  would  not  be  the  case. 

Hopefully  the  industry  and  the  participants  themselves  will  take 
the  leadership  in  understanding  the  importance  of  those  standards. 
It  is  not  the  technology;  it  is  the  necessity  of  providing  predict- 
ability and  stability. 

The  potential  of  the  Net  is  that  any  consumer  can  buy  from  any 
company  anywhere  in  the  world  and  the  proliferation  of  different 
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national  currencies,  the  proliferation  of  different  payment  mecha- 
nisms actually  retreats  us  back  to  the  days  of  the  1860's  whenever 
a  railroad  in  the  United  States  had  its  own  private  note  and  the 
ability  to  get  paid  was  a  function  of  the  credit-worthiness  of  the 
railroad. 

In  a  way,  we  are  in  the  same  position  in  looking  at  electronic 
commerce  globally.  Leveraging  the  existence  of  the  banking  infra- 
structure, not  only  nationally  but  globally,  offers  a  tremendous 
means  of  accelerating  the  capacity  of  these  new  payment  mecha- 
nisms to  actually  put  the  consumer  onto  the  Net. 

These  devices  are  the  portable  access  device  to  this  huge  global 
infrastructure.  They  are  critically  important  but  they  will  only  suc- 
ceed if  there  is  a  commercial  law  construct  of  standards  and  finan- 
cial competency  very  similar  to  what  we  have  already  accomplished 
with  the  checking  system  here  in  the  United  States. 

Mr.  Flake.  Thank  you.  I  would  explore  this  further  but  I  think 
since  we  have  a  vote  call,  Mr.  Chairman,  we  might  want  to  do  the 
demonstration  and  then  not  have  to  hold  the  subcommittee  for  the 
time  that  it  would  take  us  to  go  and  vote  and  come  back,  so  I  will 
yield. 

Chairman  Castle.  Thank  you  very  much,  Mr.  Flake. 

What  we're  going  to  do  now  is  to  formally  adjourn  the  sub- 
committee. I  must  make  an  announcement.  For  any  of  you  who 
thought  you  were  sneaking  in  for  Glass-Steagall,  we  have  to  clear 
the  whole  room  and  regather  again  at  2:00.  So  I  apologize.  It's  not 
my  ruling,  but  somebody's  ruling. 

And  Mr.  Boyles,  we  are  about  11  or  12  minutes  away  from  our 
vote  but  perhaps  we  could  have  the  demonstration.  Those  who  are 
interested  in  participating,  including  staff  and  guests  and  one  or 
two  Members,  will  proceed  to  do  so  in  the  next  3  or  4  minutes. 

So  with  that,  we  stand  adjourned.  Thank  you,  everybody. 

[Whereupon,  at  12:55  p.m.,  the  hearing  was  recessed,  to  recon- 
vene at  the  call  of  the  Chair,] 
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PREPARED  OPENING  STATEMENT  OF  CHAIRMAN  CASTLE 
FUTURE  OF  MONEY  IV  HEARING  lune  11.  1996 


The  subcommittee  will  come  to  order.  Welcome  to  the  House  Banking  and 
Financial  Services  Committee,  Subcommittee  on  Domestic  and  International 
Monetary  Policy.  This  is  our  fourth  hearing  on  the  Future  of  Money.  I  am 
grateful  to  Jim  Leach,  Chairman  of  the  full  House  Banking  Committee,  for 
permitting  us  to  continue  with  our  hearing  this  moming  in  the  midst  of  the 
banking  reform  act  mark-up.  We  are  obliged  to  finish  in  time  for  the  full 
committee  mark-up  to  reconvene  at  2:00  p.m.,  so  I  ask  the  witnesses  indulgence  if 
I  seem  to  move  the  hearing  along  briskly.  I  also  ask  the  members'  indulgence  in 
limiting  introductory  statements  so  that  the  time  can  be  devoted  to  questions  of 
the  witnesses. 

As  we  have  noted  before,  the  Subcommittee  is  in  no  rush  to  pass  legislation 
regulating  these  new  electronic  money  technologies,  but  prefers  to  focus  the 
attention  of  the  industry.  Congress,  the  Administration,  and  the  regulators  on  the 
potential  of  these  new  financial  technologies,  as  well  as  their  possible  pitfalls. 

The  Subcommittee  will  continue  to  press  for  common  and  well- 
conununicated  industry  standards.  This  Congress  and  the  ones  to  follow  will 
need  to  devise  new  paradigms  to  describe  the  world  of  electronic  commerce  and 
promote  a  better  understanding  of  the  whole  future  of  money  universe.  With 
industry,  we  must  help  provide  the  American  public  with  accurate  information  on 
how  these  new  technologies  and  products  may  give  them  more  financial  freedom 
and  choices  in  purchasing  goods  and  services  as  well  as  improved  means  of 
conducting  their  normal  banking  and  financial  business. 

This  fourth  hearing  will  close  a  chapter  in  a  literal  sense,  as  we  will  seek  to 
have  the  first  four  reports  bound  into  a  single  volume.    We  have  followed  this 
subject  from  our  first  hearing  last  July  with  the  entrepreneurs  who  are  behind  the 
new  technologies.  In  October,  we  heard  from  potential  regulators  and  law 
enforcement  authorities  regarding  their  varying  levels  of  interest  and  concern 
about  these  systems.  In  March  we  obtained  the  latest  insights  into  a  variety  of 
banking  strategies  employing  or  reacting  to  these  innovations.  And  now  we  will 
leam  how  these  new  forms  of  electronic  money  will  stream  across  international 
borders  and  provide  a  mechanism  for  greatly  increased  world-wide  commerce. 

I  recently  addressed  a  conference  at  the  CATC  Institute  on  the  same 
general  topic  as  this  hearings.  If  you  needed  any  confirmation,  this  should  prove 
that  cyberspace  affords  a  virtual  conmion  ground  for  contrasting  philosophies. 
That  conference  and  others  occurring  with  increasing  frequency,  turn  on  the 
basic  concerns  for  both  business  and  consumers  of  security,  privacy  and  an 
adequate  legal  theory  to  provide  a  foundation  for  enhanced  international 
commerce.  Even  when  these  tough  questions  have  been  answered,  there  will 
remain  equally  thorny  intemational  problems  of  taxation,  common  standards. 
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non-tariff  trade  barriers  and  dispute  resolution  to  occupy  the  emerging  legal 
specialties.  Nations  will  be  challenged  by  the  need  to  either  develop  a  consistent 
approach  to  both  virtual  and  real  electronic  payment  systems  or  risk  being  left  by 
the  side  of  the  information  super  highway. 

Today,  we  take  our  seminar  on  the  "Future  of  Money"  to  a  new  level  of 
sophistication  with  a  most  distinguished  list  of  witnesses.  On  the  first  panel  we 
have  three  European  Chief  Executive  Officers  from  companies  that  have 
pioneered  new,  and  often  quite  individual  technologies: 

Marc  Lassus,  Chairman  and  President  GEMPLUS  Card  Inc.,  the  world's 
leading  manufacturer  of  computer  chip  cards, 

Tim  Jones  CEO,  MONDEX,  a  U.K  venture  that  has  created  an  extremely 
versatile  payment  system  with  unique  hardware  and  software  capabilities  and 

Henning  Jensen,  CEO,  DANMONT  A/S,  in  association  with  the  Royal 
E)anish  Government,  one  of  the  first  large-scale  issuers  of  stored  value  cards. 
On  the  same  panel,  we  also  have  executives  from  two  U.S.  companies  at  the 
center  of  developments  in  electronic  commerce: 

Denis  Calvert,  Vice  President  &  General  Manager,  U.S.  Fmancial  Retail 
Markets,  Verifone  -  the  manufacturers  of  the  ubiquitous  point  of  sale  card 
readers  and  verifiers,  and 

Admiral  John  Donegan,  Ph.D.,  Vice  President  for  Operations,  Rrst 
Virtual  Holdings,  Inc.,  a  company  that  pioneered  commerce  over  the  Intemet 
with  a  payment  system  that  does  not  require  separate,  sophisticated  hardware  for 
security. 

The  second  panel  will  feature  scholars  and  commercial  innovators  who 
are  testing  new  theories  and  iimovative  applications  of  existing  models  with 
regard  to  electronic  commerce  and  digital  forms  of  money. 

Professor  Alan  F.  Westin  of  Coliunbia  ' Jniversity  Law  School,  is  a 
leading  authority  on  privacy  in  an  electronic  data  environment,  having  published 
his  first  book  on  the  subject  in  1972. 

Jeffrey  B.  Ritter,  is  Program  Director,  Electronic  Conunerce,  Law  and 
Information  Policy  Strategies  (ECLIPS),  and  has  left  private  practice  to  devote 
himself  to  full-time  research  in  these  areas. 

Elliott  McEntee,  is  President  &  CEO,  National  Automated  Clearing 
House  Association  (NACHA),  which  has  devised  and  tested  strategies  for  cross 
border  wholesale  settlements  that  may  well  play  an  important  role  in  international 
retail  commerce. 

Finally,  David  Boyles,  Senior  Vice  President,  New  Business  Ventures, 
Smart  Cards  and  Stored  Value,  American  Express  Travel  Related  Services,  will 
share  his  company's  long  experience  with  conunercial  substitutes  for  currency 
and  outline  some  of  their  strategy  for  the  Future  of  Money. 


52 


STATEMENT  OF  FLOYD  H.  FLAKE 

RANKING  MEMBER 

SUBCOMMITTEE  ON  DOMESTIC  AND  INTERNATIONAL  MONETARY  POLICY 

JUNE  11,  1996 

THE  FUTURE  OF  MONEY:  PART  IV 


Thank  you  Chairman  Castle  for  convening  this  our  fourth 
and  final  hearing  on  the  future  of  money.  By  bringing  the 
relevant  parties  to  the  subcommittee  over  the  past  year,  you  have 
enlightened  the  Banking  Committee  and  Congress  as  whole  on 
the  fascinating  aspect  of  electronic  commerce.  More  than 
bringing  an  intriguing  subject  to  the  forefi-ont,  you  have  brought 
important  policy  issues  to  the  Committee's  attention,  and  I  hope 
all  of  our  colleagues  understand  and  congratulate  you  on  your 
commitment  to  this  issue. 

Electronic  banking  and  its  ramifications  on  not  only  the 
national  but  global  economy  are  real  issues  of  importance  to  the 
Banking  Committee,  its  members  and  our  constituents.  This 
statement  will  outline  some  of  the  current  technology  that 
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facilitates  electronic  banking  and  commerce,  and  also  some  of 
the  security  and  regulatory  problems  these  new  technologies 
might  pose;  particularly  in  the  international  arena. 

I  will  initially  state  that  Democrats  will  be  especially 
concerned  about  the  affects  of  new  technology  on  the  consumer, 
and  the  poor  segments  of  society  who  are  often  classified  as 
under  served.  To  often,  in  communities  like  the  one  I  represent 
there  is  a  dearth  of  financial  services.  What  is  left  are  nonbanks 
which,  in  some  instances,  unfairly  take  advantage  this  lack  of 
services.  If  there  is  a  dearth  of  services  in  communities  like  I 
mine,  I  dare  say  that  in  much  of  the  developing  world  the 
conditions  could  be  worse.  I  would  expect  this  because  many 
developing  nations  lack  sound  economies,  payment  systems;  and 
in  new  democracies,  there  only  exist  fledgling  private  banking 
systems.  I  hope  to  hear  from  our  witnesses  some  explanation 
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about  how  they  see  particular  products  being  used,  and  what 
they  expect  to  see  in  the  traditional  emerging  market  and  other 
developing  economies. 

Democrats  will  also  have  concerns  about  privacy  issues,  so 
we  will  listen  with  interest  to  the  testimony  of  Dr.  Westin.  The 
new  technology  being  developed  has  the  capability  to  track, 
among  other  things,  consumer  spending  habits.  The  result  is 
that  the  anonymity  that  some  consumers  enjoy  with  cash  could 
disappear,  and  Congress  must  ask  what  sort  of  legislative  or 
regulatory  regime  will  govern  privacy  as  we  move  to  new 
payment  products.  Toward  that  end,  I  would  ask  that  the 
witnesses  comment  on  experiences  in  international  efforts  to 
protect  privacy,  and  whether  any  of  those  experiences  would  be 
relevant  to  apply  here  in  the  U.S. 
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In  closing,  let  me  state  that  I  am  excited  about  new 
payment  products.  Democrats,  while  concerned  about  privacy, 
safety  and  soundness,  and  the  universal  availability  of  this  new 
technology,  do  see  advantages  of  electronic  payment  methods. 
The  prospect  of  less  expensive  entitlement  payments,  which  are 
safer  for  the  recipient  and  issuing  agencies,  is  of  great  interest  to 
those  of  us  who  seek  changes  in  social  programs. 
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GEMPLUS 


USA  HOUSE  OF  REPRESENTATIVES 


PRESENTATION  TO  THE  SUBCOMMITTEE  ON  DOMESTIC  AND  INTERNATIONAL  MONETARY 
POLICY  ON  THE  HOUSE  COMMITTEE  ON  BANKING  AND  FINANCIAL  SERVICES 

June  11-1996 
Washington 

Marc  LASSUS 

Chairman  GEMPLUS 

BP  100 

13881  GEMENOS  Cedex 

FRANCE 

Good  morning  Mr  Chairman  and  members,  ladies  and  gentlemen,  of  the 
Subcommittee.  It  is  a  great  honour  to  speak  with  you  today  at  these  Hearings 
on  the  Future  of  Money. 

You  have  invited  me  here  to  share  my  experience  in  the  stored  value  card  arena 
and  in  the  Electronic  Commerce  International. 

I  am  Marc  LASSUS,  Chairman  and  founder  of  GEMPLUS,  a  company  incorporated 
at  Gemenos,  South  East  of  France.  Currently,  the  company  is  the  world  leader 
in  "Smart  Cards"  (or  microcomputer  circuit  cards)  with  a  worldwide  market 
share  of  approximately  40  %. 

GEMPLUS  will  manufacture  this  year,  in  1996,  300  million  Smart  Cards  and  its 
revenues  will  approach  500  M$. 

The  company  operates  manufacturing  plants  in  France,  Germany,  United 
Kingdom,  Netherlands,  United  States,  and  just  opened  two  new  plants  in 
Mexico  and  in  China. 

Since  its  foundation,  just  7  years  ago,  GEMPLUS  has  participated  to  an  explosion 
of  the  worldwide  market  of  Smart  Cards  with  a  sustained  annual  growth  of 
50  %. 

The  major  market  segments  using  Smart  Cards  today  are  : 

-  Public  telephony, 

-  Digital  cellular  (wireless)  telephony, 

-  Banking, 

-  Health  care. 


Avenue  du  Pic  de  Bertagne  -  Pare  d'Activit6s  de  G6menos  -  BP  100  -  13881  G6menos  Cedex  -  France 
Tel   +(33)  42  32  50  00  -  Fax  +(33)  42  32  50  90 
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-  Government  entitlennent  programs  (EBT), 

-  Pay  TV  (cable  and  satellite), 

-  Gaming, 

-  Transportation. 

The  sales  of  Smart  Cards  per  geographic  area  are  approximately  : 

-  60  %  in  Europe, 

-  1 5  %  in  Asia  and  Middle  East, 

-  1  5  %  in  Latin  America, 

-  1 0  %  only  for  the  rest  of  the  world  including  North  America. 

As  a  witness  of  what  is  happening  on  the  world  scene  I  would  like  to  share  with 
you,  what  I  believe,  are  the  key  parameters  explaining  the  success  of  this  new 
product  worldwide. 

I  would  like  also  to  review  the  environmental  influences  such  as  business 
culture,  sociology,  regulations  explaining  the  approaches  taken  by  different 
countries. 

But,  above  all,  I  would  like  to  investigate  with  you  what  role  could  play 
Electronic  Money  in  our  future,  and  what  are,  in  our  opinion,  the  formidable 
challenges  ahead  of  us,  and  more  precisely  for  your  Great  Country  playing  a 
leading  role  on  the  world  scene. 

Why  smart  cards  are  so  successful  in  the  world  ? 

Outside  very  large  volume  applications  such  as  : 

-  Public  Telephony  :  90  countries  in  the  world  using  Smart  Cards, 

-  Health  care  :  all  German  people  carry  an  health  care  Smart  Card, 

-  Pay  TV  :  EBT,  and  Transportation, 

-  Electronic  commerce  using  Smart  Cards  is  taking  high  momentum  in  many 
countries. 

This  new  payment  mechanism  gives  clear  benefits  to  merchants  and  consumers, 
reducing  cash  handling  expenses  and  losses  due  to  fraud,  speeding  customer 
transactions  at  the  check-out  counter  and  enhancing  customer  convenience  and 
safety. 
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50  countries  in  the  world  are  engaged  in  Electronic  Purse  programs.  Among 
them,  Germany,  Singapore,  Australia,  Hong-Kong,  Russia,  Republic  of  South 
Africa,  Portugal,  etc... 

-  Another  significant  advantage  of  Smart  Cards  is  the  fact  that  they  allow  to  run 
multiapplication  systems  and  loyalty  programs  in  parallel,  within  the  same  silicon 
microcomputer  chip.  None  of  the  existing  technologies  such  as  magnetic  stripe 
cards  can  securely  offer  these  functions. 

-  Smart  Card  represent  also  an  excellent  vehicle  towards  more  equality  and 
democracy.  In  the  Republic  of  South  Africa,  for  example.  Smart  Card  programs 
are  aimed  at  giving  access  to  the  unbanked  population  to  enhanced  banking 
technologies  while  solving  critical  security  problems. 

There  are  also  important  projects  under  pilot  utilizing  Electronic  Purse  for 
purchases  and  Government  entitlement  programs  giving  the  recipients  equal 
access,  while  eliminating  abuses  and  fraud. 

These  important  programs  which  are  developed  all  over  the  world  today  are 
done  almost  independently  from  any  regulation  or  even  outside  any  real  attempt 
of  standardization. 

However,  in  most  of  the  cases  local  banks  are  active  partners  for  these 
programs. 

In  this  respect  the  "working  group  on  European  Community  Payment  Systems" 
has  made  the  following  recommendations  : 


Quote 


"-  The  European  Central  Banks  will  not  interfere  in  the  deployment  of  these  new 
payment  systems. 

-  The  Central  Banks  will  let  private  initiatives  and  the  market  to  decide  what  are 
the  most  suitable  payment  systems  for  the  consumers. 
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-  However,  the  European  Central  Bank  will  monitor  closely  the  development  of 
Electronic  Purse  applications,  especially  when  related  to  security  issues. 

-  The  European  Central  Banks  intend  to  work  closely  with  other  Central  Banks 
outside  the  European  Community." 

Unquote 


To  conclude. 

On  the  regulation  side,  a  lot  of  flexibility  is  given  so  far  to  private  initiatives  in 
the  field  of  Smart  Card  usage  for  Electronic  Commerce  in  Europe  and  in  many 
countries. 

What  could  happen  in  the  future  ? 

We  do  believe  that  "de  facto"  standards  will  develop  on  a  worldwide  basis  such 
as  MONDEX,  DANMONT,  BANKSYS,  etC... 

Initiatives  taken  by  VISA,  MASTERCARD  and  EUROPAY  to  develop  a  common  set  of 
specifications  will  come  to  fruition. 

Banks  have  indeed  a  major  new  opportunity  to  participate  to  low  cash  value 
transactions  (vending,  transportation,  parking,  etc.). 

Electronic  Purse  applied  to  mass  transit  through  automated-fare  card  systems 
will  give  to  the  banks  a  privilege  way  to  reach  relatively  poor  and  unbanked 
populations. 

There  is  however  a  big  risk  for  the  traditional  financial  institutions.  Indeed 
companies  controlling  networks  such  as  Telecom  operators,  cable  TV 
companies,  wireless  services  companies  will  have  a  magnificent  window 
opportunity,  offered  by  modern  technologies,  to  jump  into  the  financial  services 
bandwagon. 

Smart  Card  will  be  able  to  bring  transaction  security  and  payment  means  to 
many  existing  distributed  terminals. 
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By  the  year  2000  for  example  : 

-  300  million  cellular  telephone  subscribers  will  have  access  to  digital  networks 
and  offer  financial  transaction  capabilities, 

-  Several  hundred  million  of  PC  users  will  have  secured  Electronic  Commerce 
capabilities  through  Smart  Cards  (with  modem,  key  board,  and  Smart  Card 
interfaces  compatibility), 

-  1  billion  people  will  be  able  to  use  Smart  Card  public  telephones  for  Electronic 
Transaction. 

It  could  happen  that  banks  and  financial  institutions  would  not  be  the  preferred 
operators  for  these  networks,  it  is  imperative  in  this  respect  that  banks  find 
themselves  on  equal  footing  in  this  new  industry  as  it  evolves. 

What  could  be  the  role  of  the  governments  ? 

It  is  our  opinion  that  Governments  should  encourage  alliances  among 
institutions,  card  associations  and  the  private  sector  to  promote  growth  of  this 
new  industry  and  equal  access  to  any  potential  customer. 

-  Governments  should  let  private  initiatives  and  the  market  to  decide  what  are 
the  most  suitable  payment  systems  for  the  people. 

-  Governments  should  take  advantage  in  the  deployment  of  these  new 
Electronic  Transactions  media  to  insure  a  better  distribution  of  Government 
entitlement  programs  giving  the  recipients  equal  access  and  better  usage  of  the 
Public  Money. 

-  The  same  should  apply  for  equal  access  to  culture  and  information.  Smart 
Cards  represent  an  "unique  key"  in  that  respect.  We  must  make  the  technology 
work  for  all  the  people  and  not  only  for  the  PC  litterates  ! 

On  the  other  side  however.  Governments  shouldn't  compromise  on  privacy  and 
security  issues. 

Smart  Cards  can  be  the  best  tool  for  privacy  protection  by  offering  full 
anonymous  transaction  and  representing  the  best  "personal  safe"  for  the 
people.  However,  a  wrong  usage  of  this  technology  could  lead  to  abuses.  There 
are  very  good  ways  to  prevent  them  but  they  must  be  applied  strictly. 


61 


GEMPLUS 


Finally,  on  the  security  issues  Governments  have  a  major  role  to  play  and  there 
is  a  need  for  a  very  strong  international  cooperation. 

Transaction  data  must  be  handled  in  an  highly  secure  manner  that  can  be 
auditable  by  any  Government.  The  success  of  international  Electronic  Commerce 
is  at  stake. 

Smart  Card  based  encryption  techniques  offer,  in  our  opinion  a  very  efficient 
and  economical  way  to  guaranty  electronic  trading  integrity,  especially  on  the 
INTERNET,  where  lack  of  security  is  seen  as  the  major  impediment  to  trade. 

A  Consortium,  known  as  the  International  Cryptography  Framework  (ICF) 
comprising  corporations  such  as  HEWLETT  PACKARD,  INFORMIX  and  GEMPLUS  has 
proposed  to  US  National  Security  Administration  (NSA)  an  hardware,  based 
encryption  technique,  which  level  of  security  is  determined  by  Government 
issued  Smart  Cards  on  a  country-  by-country  basis. 

This  proposal  is  presently  under  evaluation. 

Mr  Chairman,  and  members  of  the  Subcommittee,  I  would  like  to  thank  you  for 
your  invitation,  which  again,  is  a  great  honour  and  very  flattering  for  all  the 
people  of  my  young  company. 

As  a  general  conclusion,  I  just  would  like  to  say  that  Smart  Card  are  there  for 
the  best,  I  believe,  of  the  Human  Society  (Communications,  Education,  Health 
care.  Social  benefits,  modern  transactions). 

We  are  convinced  that  the  best  policy  for  any  Government  and  for  the 
development  of  this  new  Industry  is  to  apply  a  monitoring  activity  and  not  a 
regulating  activity. 


Ladies  and  Gentlemen 
Thank  you  very  much  for  your  attention. 


9.S.365    96-3 
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SUBMISSION  TO  THE  US  HOUSE  OF  REPRESENTATIVES 
BY  MONDEX  ON  'THE  FUTURE  OF  MONEY'.  JUNE  1 1th  1996 


The  future  of  money  as  it  affects  the  payment  systems  in  the  US  and  abroad 

To  be  widely  adopted,  any  alternative  to  cash  must  offer  not  only  the  existing 
features  of  cash  (i.e.  store  of  value,  widespread  recognition  and 
acceptance,  universal  transferability  and  divisibility)  but  must  successfully 
recombine  these  features  in  new  ways  which  give  additional  utility  to  the 
user.  Mondex  achieves  not  only  this  objective  but  successfully  bridges  the 
old  world  of  physical  cash  and  the  new  world  of  Virtual'  cash. 

Over  thousands  of  years,  human  civilisation  has  developed  and  established 
ever  more  advanced  payment  systems.  Indeed,  most  economists  would 
maintain  that  the  invention  of  "money"  directly  accelerated  technological 
development.  Societies  were  able  to  move  beyond  the  limitations  of  barter 
to  an  exchangeable  store  of  value  -  based  usually  on  precious  or  rare  objects 
and  materials,  such  as  shells  or  gold.  A  crucial  shift  came  with  the 
acceptance  of  paper  money  and  token  coins  instead  of  precious  metals. 
Paper  money,  in  spite  of  its  vulnerability  and  lock  of  intrinsic  value,  has  served 
well.  In  recent  decades  cheques,  credit  cards  and  debit  cards  have  been 
invented,  adopted  and  developed.  The  global  dominance  of  cash  as  a 
payment  instrument  has,  however,  been  preserved  in  spite  of  these 
innovations.  The  confidence  underlying  money  has,  however,  moved  from 
reliance  on  the  intrinsic  value  of  money  to  the  status  ond  solvency  of  entities 
which  issue  tokens. 

Advances  in  technology  have  now  created  the  opportunity  to  replace  some 
physical  cosh  with  a  secure,  electronic  alternative.  Mondex  is  perhaps  the 
best  example  of  a  direct  cash  replacement  system  -  but  other  products  are 
under  development. 
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Mondex  functionality  overlaps  with  cosh  to  the  extent  that  it  provides  a 
secure  store  of  value  that  is  divisible,  universally  transferable  and  receives 
widespread  acceptance.  Cash  remains  distinct  in  that  it  embodies  the  asset 
and  does  not  require  a  silicon  chip  and  plastic  card  platform  for  its  operation. 
Mondex  also  is  distinct  from  cosh  in  that  Virtual'  or  "electronic'  transfers  of 
value  are  possible  across  any  computer  or  telephonic  network, 

Although  Mondex  is  "cosh"  in  terms  of  its  role  in  society  Mondex  is  not  cash  in 
a  legal  sense.  Specifically  this  means  that  Mondex  is  net  a  currency  as  it  is 
not  backed  by  the  state  and  it  is  not  legal  tender  as  there  is  no  requirement 
on  a  counterparty  to  accept  it  in  payment  for  debts,  Mondex's  attraction 
lies  in  offering  on  alternative  to  physical  money  which  will  not  completely 
replace  notes  and  coins,  but  will  influence  the  way  in  which  physical  and 
electronic  commerce  are  conducted  and  provide  a  complementary  cosh 
payment  medium  in  support  of  this  economic  activity. 

The  impact  of  electronic  cash  will  be  profound.  Most  stored  vdlue  or 
electronic  purse  initiatives  other  than  Mondex  dre  predicated  on  forms  of 
database  reconciliation  of  card  transactions.  Supporting  the  infrastructure 
required  for  such  a  process  means  the  marginal  cost  per  transaction  for  such 
initiatives  is  always  likely  to  be  uneconomic  for  the  lowest  value  transactions, 
leading  to  their  exclusion  or  to  substantial  cross-subsidisation.  Nor  does  the 
architecture  of  such  initiatives  allow  for  the  replication  of  that  core  feature  of 
cash  ..  transferability.  The  ability  to  make  payments  at  a  distdnce,  with  no 
third  party  intervention,  will  fundamentally  change  commerce.  Time  and 
distance  -  always  constraints  on  trade  -  will  become  less  significant. 
Computers  and  digital  technology  hove  opened  up  new  markets  that 
require  swift  and  secure  pdyments,  at  once  precluding  the  use  of  physical 
cosh  and  pointing  to  electronic  cash  as  the  obvious  way  fOAvard. 
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In  the  Industrial  Society  of  the  middle  20th  century,  business  culture  was 
dominated  by  four  key  technologies: 


The  key  technologies  have  changed;  business  culture  Is  rapidly  evolving  into 
a  new  paradigm: 


The  shift  to  remote  payments  will  transform  the  Retail,  Entertainment  and 
Telecommunications  industries.  Bonks  and  Governments  will  need  to  adapt 
quickly  to  new  roles,  responsibilities,  opportunities  and  threats. 


A  viable  electronic  cash  payment  system  has  been  the  challenge  facing 
bonks  for  many  years.  As  technology  has  advanced  and  costs  have  fallen 
electronic  cash  has  become  a  reality.  The  banks  see  electronic  cash  as  the 


65 


answer  to  a  number  of  issues;  notes  and  coins  are  expensive  to  move 
around,  need  to  be  regularly  replaced,  ore  increasingly  threatened  by 
potential  counterfeiting  and  cannot  travel  along  phone  lines.  In  addition  to 
this  the  needs  of  the  consumer  ore  developing  rapidly  as  flexibility,  ease  of 
access  and  security  become  all  important  and  the  physical  marketplace 
begins  to  give  ground  to  Its  virtual  cousin. 

The  opportunity  facing  bonks  is  to  provide  a  product  which  offers  enough 
benefits  to  both  consumers  and  retailers  to  moke  It  a  favorable  alternative  to 
cash.  We  believe  this  is  what  Mondex  provides  and  this  Is  borne  out  by  our 
experience  In  both  internal  and  external  trials  around  the  world  over  the  past 
four  years. 

How  this  new  technology  presents  challenges  and  opportunities  to  banks 

The  Importance  of  security 

One  of  the  most  significant  challenges  for  the  banks  or  indeed  any  issuers  of 
electronic  cash  is  to  maintain  the  value  of  their  issued  electronic  cosh.  It  is 
precisely  because  Mondex  is  just  like  cash  that  it  needs  a  high-level  of 
security  to  protect  it  against  counterfeit  and  fraud  -  against  criminals  or 
computer  hackers  who  would  seek  to  mimic  the  cord  and  so  forge  electronic 
money,  or  who  would  try  to  intercept  or  divert  genuine  electronic  money 
transfers  between  other  parties.  By  the  some  token,  because  of  the  flexibility 
and  scaleability  of  its  security  architecture,  described  below,  Mondex  offers 
the  opportunity  of  significantly  raising  the  bar  in  the  battle  against  those  who 
would  counterfeit  money. 

Security  has  been  a  fundamental  component  of  Mondex  since  its  inception 
in  1990.  Security  has  continually  been  the  focus  of  development  -  with  banks, 
smart-card  manufacturers  and  software  developers. 
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As  a  result  there  are  many  security  features  wittiin  Mondex  designed  to 
provide  a  safe,  convenient  and  reliable  payment  mechanism  for  banks, 
retailers  and  individuals  alike. 

IVlondex  uses  a  basic  security  architecture  which  is  shared  by  all  territories  to 
guarantee  international  interoperabilit/  but  has  certain  parameters  which  do 
not  affect  interoperability  that  can  be  managed  at  the  discretion  of  each 
territory.  A  central  theme  of  the  security  arctiitecture  is  cost  effective 
renewal  processes.  Security  upgrades  are  implemented  without  making 
changes  to  any  of  the  devices  used  by  Mondex  customers. 

Each  chip  has  two  different  security  systems  on  board:  one  active,  one 
dormant.  Periodically  cards  are  instructed  to  activate  the  dormant  system. 
As  cords  are  used  more  and  more  systems  ore  cycled  to  the  dormant  system, 
and  eventually  new  or  renewed  cards  carry  the  dormant  system  as  the  new 
active  system,  and  introduce  yet  another  dormant  system,  thus  allowing 
constant  improvement  that  is  transparent  to  Mondex  users.  Renewability  of 
the  security  systems  is  essential  to  any  payment  system.  Mondex  has  found 
on  elegant  and  effective  way  to  manage  this  process. 

Security  for  the  banking  system 

Just  as  the  manufacture  and  storage  of  cash  is  physically  protected  so  the 
manufacture  and  storage  of  Mondex  value  will  be  protected  by  the 
electronic  equivalent  of  locks  and  combinations  on  safes  and  a  rigorous 
protocol  controlling  access  to  security  areas  and  information. 

Just  as  banks  monitor  the  flow  of  cash  in  the  economy  to  identify,  isolate  and 
"close  down'  attempted  counterfeiting  operations,  bonks  in  Mondex  will  be 
able  to  monitor  the  flow  of  Mondex  value  so  that  they  too  can  identify, 
isolate  and  close  down  any  counterfeiting  operation. 

Any  security  architecture  has  to  achieve  three  tasks.  These  ore  firstly  to 
prevent  loss  of  any  kind,  secondly  to  detect  fraud  should  the  prevention 
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mechanisms  fail  and  finally  fo  confain,  and  then  enable  recovery  from,  a 
security  breach.  Within  Mondex  the  prevention  mechanisms  rely  on  the 
quality  of  our  cryptography,  the  quality  of  our  internal  procedures  and  the 
tamper  resistance  of  high  security  integrated  circuits.  These  mechanisms 
have  been  extensively  reviewed  and  are  considered  state  of  the  art. 

The  detection  mechanisms  rely  on  appropriate  data  gathering  and 
interpretation  strategies.  Mondex  has  devised  a  strategy  for  sampling 
transactions  and  managing  value  flows  to  ensure  that  a  security  breach  can 
be  detected  long  before  a  criminal  could  possibly  have  recovered  his 
investment.  On  this  basis  Mondex  containment  and  recovery  mechanisms 
con  be  activated  to  ensure  that  a  criminal's  Investment  is  never  recouped. 

We  believe  we  have  an  efficient  value  management  strategy  based  on 
transaction  sampling  which  is  more  manageable  than  full  accounting.  Given 
the  enormous  cost  of  defeating  our  prevention  mechanisms  our  strategy  is 
just  as  effective  in  building  a  deterrent  as  full  accounting,  but  doesn't  require 
the  overhead  of  capturing,  storing,  reconciling  and  accounting  for  every 
transaction. 

Security  for  your  cash 

Mondex  also  provides  security  for  the  individual;  providing  consumers  with  the 
ability  to  protect  their  cash  by  Mocking'  their  cards  with  a  personal  code  -  so 
that  Mondex  value  cannot  be  taken  from  a  card. 

Similarly  on  the  individual  level  Mondex  has  safeguards  comparable  to  the 
checks  made  before  a  bank  hands  over  your  cash.  Rather  than  requiring  a 
physical  signature  the  Mondex  chip  card  automatically  uses  an  electronic 
'digital'  signature  to  preserve  the  integrity  of  Mondex  value  and  to  ensure 
that  any  value  transferred  can  only  be  received  by  the  card  for  which  it  is 
intended. 

So  just  how  is  this  security  achieved? 
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The  chip  and  the  protocol 

Security  begins  with  the  two  basic  elements  in  the  Mondex  system  -  the 
hardware  of  the  chip  embedded  in  the  cord  and  the  software  which  holds 
the  value  and  controls  its'  movement  between  cards. 

The  Mondex  chip  card  has  been  specifically  designed  to  protect  the  data 
from  unauthorised  disclosure  and  modification  from  both  physical  and  logical 
attacks. 

The  first  microchip  to  be  used  for  Mondex  is  a  specially-tailored  security 
application  using  the  Hitachi  H8/310  smartcard  microprocessor.  In  the  future 
Mondex  will  migrate  to  faster  and  more  powerful  chip  cards  as  they  become 
available  to  increase  the  facilities  available  to  Mondex  users  and  to  update 
and  increase  the  level  of  security. 

Loaded  on  these  tamper-resistant  chip  cords  are  the  Mondex  security 
applications  -  in  particular  the  Value  Transfer  Protocol  which  uses 
sophisticated  cryptography  to  protect  value  as  it  passes  from  one  Mondex 
cord  to  another.  An  important  aspect  of  Mondex  is  that  value  con  only 
move  between  Mondex  cards  -  and  can  only  be  stored  on  Mondex  cords. 

The  Mondex  application  together  with  a  wide  variety  of  security  processes 
provides  layers  of  'protection'  in  the  armory  of  Mondex, 

Cost,  time  and  uncertainty  ore  important  deterrents  to  fraud 

With  bonk  notes  and  coins,  fraud  con  take  place  through  the  use  of 
"adequate'  forgeries  produced  with  relatively  inexpensive  technology.  With 
Mondex  the  design  of  the  security  is  such  that  the  cost  of  the  technology 
needed  to  moke  counterfeit  value  is  so  high  as  to  moke  the  exercise 
economically  unviable  -  and  even  then  only  a  'perfect'  forgery  will  do, 
otherwise  it  will  foil. 


69 


Not  only  is  any  attempt  to  counterfeit  Mondex  likely  to  be  very  expensive  and 
time-consuming,  it  will  also  be  very  uncertain.  Mondex  will  employ  a  mixture 
of  both  regular  and  'sporadic'  updates  of  the  chip  and  the  cryptography 
used,  ensuring  that  any  success  by  counterfeiters  will  rapidly  become  useless 
and  valueless. 

The  management  of  value 

For  each  currency  within  the  Mondex  system,  there  will  be  a  single 
"Originator'  body  -  either  a  company  established  by  participating 
commercial  banks  or  a  country's  central  bonk  -  which  alone  is  able  to 
manufacture  value  in  that  currency.  This  Originator  controls  the  amount  of 
value  denominated  in  its  currency  which  is  in  circulation,  both  domestically 
and  abroad.  Finally  value  destruction  will  take  place  at  this  single  source. 

Originators  will  set  a  maximum  limit  on  the  value  in  their  currencies  which  can 
be  held  in  any  level  of  Mondex  card,  in  any  country  and,  at  any  point  in  time. 

Regular  and  Rapid  Security  Chonoes 

Just  as  banknote  design  is  periodically  changed  to  provide  improved 
safeguards  against  forgery,  so  Originators  in  the  Mondex  electronic  cash 
system  will  be  able  to  'replace  the  currency'. 

Most  obviously  this  can  be  done  by  issuing  a  new  generation  of  cards  but  a 
new  generation  of  cryptography  con  also  be  introduced  without  changing 
cards  -  providing  Mondex  with  the  means  'to  change  the  locks'  without 
disrupting  ordinary  business  and  without  giving  any  prior  warning  to  any 
would-be  fraudsters.  As  with  physical  cash,  the  old  and  new  versions  will  co- 
exist for  0  short  period  of  time. 

This  process  is  designed  so  as  to  allow  banks  to  migrate  virtually  all  Mondex 
cords  in  use  in  a  matter  of  days  -  without  inconveniencing  card-holders  -  or 
even  requiring  their  assistance. 
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Fraud  detection  and  containment 


Essential  to  the  approach  to  Mondex  security  is  that  it  has  been  developed 
not  only  to  deter  fraud  but  also  to  detect  and  contain  the  risk  of  fraud  -  to 
maximise  the  risks  of  the  criminal  being  caught  and  to  minimise  the 
opportunity  that  the  criminal  can  financially  benefit  from  any  attempted 
fraud. 

In  particular  the  system  is  able  to  capture  and  analyse  data  on  trends  and 
unusual  situations  -  in  a  way  which  is  not  feasible  with  suspect  currency  and 
coins  or  suspect  signatures  on  cheques.  Retailer's  terminals  and  bank 
cashpoints  provide  many  opportunities  for  Mondex  to  capture  transaction 
data  and  patterns  of  behaviour  which  con  be  analysed  to  give  warning  of 
suspicious  circumstances. 

For  example  because  each  genuine  transaction  has  a  unique  number  any 
duplication  of  transaction  numbers  would  indicate  fraud.  In  addition  any 
inconsistency  in  the  sequence  numbers  of  transactions  indicates  there  has 
been  complete  unauthorised  fabrication  of  a  card. 

In  addition,  Mondex  transactions  can  be  assessed  automatically  against 
threshold  parameters,  derived  from  past  experience.  Discovery  that  a 
transaction  exceeded  such  thresholds  con  raise  a  warning,  which  con 
enable  a  member  bonk  to  disable  or  lock  the  card  if  desired. 

Similarly  transactions  attempting  to  exceed  the  value  limits  built  Into  the  cards 
and  other  criteria,  can  oil  signal  possible  fraud  and  the  need  for  closer 
inspection. 

Certainly  anybody  attempting  to  convert  any  criminally  obtained  value  via 
the  banking  system  will  come  up  against  the  extensive  audit  capability 
available  for  on-line  transactions.  Suspicions  can  be  aroused,  for  instance, 
by  regular  or  frequent  value  redemption  from  particular  'unexplained' 
sources,  by  a  high  average  of  redemptions  relative  to  the  card  limit  (for 
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example,  an  individual's  card  behaving  as  if  it  was  handling  the  amounts 
appropriate  to  a  shopkeeper's  card)  or  single  large  redemptions  from  on 
unusual  location. 

Naturally  cords  identified  as  being  unauthorised,  reported  stolen  or 
potentially  fraudulent  can  be  de-linked  immediately  from  the  banking 
system. 

Clearly,  there  is  a  balance  to  be  achieved  between  the  need  for  proper 
prudential  oversight  of  the  Mondex  system  and  the  legitimate  privacy  rights 
of  the  consumer.  Principles  ore  being  developed  to  ensure  transparency  so 
that  the  consumer  knows  what  information  is  held  on  the  card.  At  the  same 
time  some  sampled  and  largely  aggregated  card  based  information  must  be 
available  to  those  running  the  payment  system  to  ensure  its  integrity  and  that 
potential  systemic  risk  is  minimised. 

One  important  feature  of  the  security  system  that  is  managed  at  the 
discretion  of  each  territory  (by  the  Mondex  Originator  in  compliance  with  any 
applicable  lows)  is  the  purse  class  structure  and  associated  maximum  purse 
limits.  Each  Mondex  purse  has  o  position  in  a  hierarchy  which  dictates  which 
purses  it  con  pay  value  to  and  receive  value  from.  The  purse  class  structure 
enables  those  operating  the  Mondex  system  in  each  territory  to  balance  risk 
against  control,  e.g.  purses  with  high  balance  limits  ore  forced  to  interact 
with  the  host  system  of  one  of  the  members  and  such  transactions  are  on  on 
accounted  basis.  This  effectively  neuters  Mondex  as  a  money  launderer's 
tool  since  all  high  value  purses  hove  to  interact  with  the  banking  industry 
directly. 

Secure  Foundations  and  a  Secure  Future 

The  security  of  the  Mondex  system  depends  on  the  Mondex  organisation 
maintaining  the  integrity  of  the  chips  which  it  uses  and  ensuring  the 
continued  soundness  of  the  electronic  architecture  of  the  system. 
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Mondex  security  is  based  on  continuous,  ongoing  refinement  to  achieve 
further  levels  of  defence  against  potential  future  attack.  As  chip  cards 
become  more  sophisticated  -  able  to  carry  and  transfer  more  information  - 
the  Mondex  approach  to  fraud  containment  con  become  ever  more 
powerful.  The  Mondex  approach  is  to  encourage  regional  banking 
experience  to  reinforce  the  overall  global  Mondex  security  architecture. 

To  sum  up,  Mondex  has  a  large  armoury  of  security  features  and  will  continue 
to  odd  to  its  security  with  new  technologies  and  new  techniques  -  both  in 
advance  and  in  response  to  potential  attack. 

Commercialisation  of  Mondex 

Mondex  is  designed  to  be  ubiquitous  in  use.  That  is  to  say  it  may  support  high 
and  low  value  payments  in  both  the  physical  world  of  the  shopping  moll  and 
the  virtual  world  of  emerging  electronic  commerce  networks. 

Mondex  has  been  carefully  restricted,  through  the  use  of  our  purse  class  and 
purse  value  limit  structure  to  be  a  low  value  payment  instrument  for  the  first 
few  years  of  its  commercial  life.  The  architecture  of  Mondex  is  designed  to 
allow  for  high  value  as  well  as  low  value  transfers.  A  Mondex  product  may 
well,  therefore,  in  future  become  a  component  of  corporate  to  corporate 
and  bank  to  bank  transfer  systems.  Such  uses  of  the  product  would  however 
raise  their  own  risk  management  and  regulatory  issues. 

Mondex  like  any  new  consumer  payment  initiative  faces  the  problem  of 
promoting  both  retailer  acceptance  and  consumer  uptake,  where  each  is 
consequent  on  the  other. 

Retailer  pull  clearly  varies  by  segment  and  the  proportion  of  overall  turnover 
represented  by  cash.  Fast  food,  convenience  stores,  groceries,  gasoline 
stations,  vending,  etc.  hove  generally  shown  themselves  rapid  adopters  of 
Mondex  at  implementations  in  Swindon  in  the  UK  and  San  Francisco  in  the  US. 
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In  the  US  context,  merchant  acquirers  hove  expressed  considerable  interest 
in  Mondex  as  a  way  to  enfranchise  those  forty  percent  or  so  of  retailers  with 
whom  they  currently  have  no  relationship,  i.e.  cash-only  retailers.  Once 
acquired  for  Mondex  a  bank  or  merchant  acquirer  may  offer  to  provide 
additional  added  value  services  such  as  customer  loyalty  schemes  using  the 
Mondex  technical  platform. 

Consumers  hove  indicated  through  market  research  in  a  number  of  countries 
including  the  United  States,  Japan,  Germany,  France  and  the  United 
Kingdom  that  they  were  very  likely  to  (UK  -  81%  likely  or  very  likely)  apply  for 
Mondex  cards  in  the  event  of  mass  acceptance  by  retailers  and  in 
payphones,  vending  machines,  etc. 

Of  course  providing  on  alternative  to  cosh  in  the  shopping  mall  is  only  the 
beginning  of  the  Mondex  proposition.  The  ability  for  real  time  consumer  funds 
transfer  over  any  public  or  private  network  transforms  the  service  offering  for 
other  telephone  based  or  Internet  based  businesses. 

Once  money  is  on  the  Mondex  card,  it  can  be  spent  via  the  Internet  using 
computers  with  appropriate  Mondex  software  and  a  smartcard  reading 
device. 

The  Mondex  system  is  especially  well-suited  to  the  "micro-payments'  which 
make  up  the  majority  of  transactions  on  the  Internet;  not  all  retailers  and 
consumers  will  want  to  accept/use  credit  cord  payments  for  small 
transactions,  and  Mondex,  like  cosh,  con  be  transferred  immediately  and 
does  not  depend  on  checking  the  identity  of  the  person  carrying  it,  or 
whatever  their  credit-rating  may  be.  Speed  and  ease  of  use  ore  of 
paramount  importance  to  both  retailer  and  consumer  and  with  Mondex  this 
is  ensured  by  no  authorisation  calls  having  to  be  made,  no  signatures  to  be 
checked,  no  PIN  numbers  to  be  typed,  no  clearing  process  and  no  delay  in 
receiving  value. 
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Mondex  is  already  conducting  internal  trials  of  existing  software.  Further 
extensive  trials  will  take  place  later  in  the  year  and  it  Is  expected  that 
Mondex  will  go  to  public  trials  in  1997  in  a  number  of  territories  including  the 
US  subject  to  regulatory  approval. 

Midland  Bank  have  probably  the  most  successful  telephone  banking  service 
in  the  UK  coiled  First  Direct.  The  addition  of  Mondex  functionality  to  the  First 
Direct  Service  enables  real  time  completion  of  all  banking  transactions  over 
the  telephone  and  will  further  consolidate  the  strong  franchise  Midland  have 
built  up. 

The  appeal  of  Mondex  will  be  further  enhanced  with  the  arrival  of  a  Mondex 
mobile  phone  effectively  putting  an  ATM  in  any  jacket  pocket. 

We  are  working  very  closely  with  a  wide  range  of  leading  manufacturers 
around  the  world,  e.g.  Hitachi,  Verifone,  Unisys,  Amdahl  and  Key  Corp,  to 
encourage  the  proliferation  of  a  '»yide  range  of  competitively  priced  Mondex 
devices,  such  as  terminals,  balance  readers  and  telephones.  Mondex  seeks 
to  ensure  global  interoperability  of  cords  with  these  devices  by  undertaking  o 
type  approval  process,  to  ensure  compliance  with  a  set  of  International  core 
specifications,  supplied  by  Mondex. 

There  ore  currently  detailed  plans  for  and  actual  implementations  in  seven 
major  economies.  1997  and  the  arrival  of  the  latest  Hitachi  Mondex  chip  in 
the  H8  310  series  will  see  the  start  of  Mondex  rollout  in  a  number  of  locations 
around  the  world  and  the  achievement  of  critical  mass  in  some  contrasting 
market  environments.  This  should  provide  further  learnings  about  whether 
and  what  additional  consumer  and  merchant  applications  are  demanded. 
We  anticipate  that  many  distinctive  segments  to  the  Mondex  card  market 
will  emerge.  These  segments  may  include  those  where  Mondex  will  co-reside 
with  a  wide  range  of  applications  from  access  control  to  networks  such  as 
the  Internet,  loyalty  and  frequent  user  schemes,  credit  and  debit  functionality 
to  personal  records,  etc.  Combinations  of  applications  may  be  loaded  on  a 
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card  alongside  the  Mondex  application  using  a  mulli  application  operating 
system  to  support  them. 

Mondex  is  a  key  enabling  technology  which  is  expected  to  catalyse  the 
development  of  numerous  other  businesses  which  ore  just  not  possible  in  a 
purely  currency  and  coins  environment.  Mondex,  uniquely,  has  the  ability  to 
be  used  interchangeably  for  cash  transactions  in  the  shopping  mall  and  the 
information  superhighway. 

International  innplications  of  electronic  commerce  and  currency,  its  potential 
to  supplant  national  currencies 

Mondex  has  been  designed  to  work  in  many  currencies,  with  a  number  being 
capable  of  being  held  on  the  chip  at  any  one  time.  Consequently,  a 
businessman  or  tourist  would  be  able  to  load  Sterling,  French  Francs  and 
German  Marl<s  on  their  card  before  they  travel  to  Europe;  alternatively,  they 
could  request  these  currencies  to  be  loaded  via  the  telephone  once  they 
arrive  in  Europe.  Technically  the  number  of  currencies  that  could  be  offered 
is  wide  and  could  include  artificial  currencies  lil<e  the  SDR  (SpeciaJ  Drawing 
Rights)  or  new  currencies  lil<e  the  proposed  ""Euro"  -  the  single  European 
Union  currency. 

To  the  extent  that  Mondex  replaces  physical  cash  and  that  Mondex  is  more 
auditable  than  physical  cash  it  will  provide  central  bankers  with  more 
accurate  information  about  the  behaviour  of  monetary  aggregates  and 
potentially  more  control. 

Prospects  for  transnational  setf-regulatlon 

Early  in  the  development  of  Mondex,  it  was  recognised  that  the  introduction 
of  electronic  cash  would  raise  a  number  of  issues  with  regulators  around  the 
world.  These  issues  including  consumer  protection,  protection  of  payment 
systems,  money  laundering,  system  risk,  security  and  monetary  policy,  apply 
to  all  types  of  electronic  money  Involving  multiple  Issuers  and/or  multiple 
acceptors  of  such  money. 
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Further,  it  was  apparent  that  existing  commercial  and  financial  legislation 
does  not  translate  easily  into  the  new  world  of  electronic  commerce,  often 
having  been  drafted  before  the  introduction  of  computers,  let  alone  smart 
cards  such  as  Mondex.  The  international  nature  of  the  Internet  and  other 
electronic  commerce,  including  electronic  money,  also  raises  additional 
issues  specific  to  the  new  environment. 

Regulators  all  over  the  world  also  need  to  consider  whether  their  current 
regulatory  frameworks  ore  appropriate  to  deal  with  electronic  cosh. 
Although  electronic  cosh  possesses  certain  features  which  appear  similar  to 
deposit  taking,  it  is  not  and  consequently  does  not  fit  neatly  into  existing 
regulatory  regimes.  It  is  also  important  to  bear  in  mind  the  dangers  of 
premature  regulation  and  Mondex  welcomes  the  publicly  stated  view  of  the 
Federal  Reserve  before  this  Subcommittee  lost  fall  that  it  will  observe 
developments  in  the  industry  before  introducing  any  specific  Regulatory 
Controls.  (1) 

The  successful  development  of  electronic  commerce  will  depend  on  a 
measured  and  considered  approach  to  the  evolution  of  regulation  in 
consultation  with  the  public  and  private  sector,  Regulators  and  private 
enterprise  should  work  together  to  construct  a  regulatory  framework  which  is 
appropriate  and  which  will  allow  the  efficient  development  of  economic 
commerce. 

(1)  Statement  of  Alan  S  Blinder,  Vice  Ctiairman,  Board  of  Governors  of  the 
Federal  Reserve  System  at  page  2  in  The  Future  of  Money  -  Part  2,  Hearing 
before  the  Subcommittee  on  Domestic  and -International  Monetary  Policy  of 
the  Committee  on  Banking  and  Financial  Services,  House  of  Representatives, 
at  page  62  (October  1 1,  1995). 
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The  almost  universal  availability  of  acceptable  telecommunication  netv\^orks 
has  created  a  global  economic  environment  increasing  the  need  for 
international  co-operation  among  the  regulators  -  something  which  v*/e  are 
pleased  to  note  is  beginning  to  develop  in  respect  to  electronic  cash. 

We  are  witnessing  the  emergence  of  payment  systems  designed  specifically 
for  the  Internet  (and  also  existing  payment  systems  developing  ways  to  adapt 
to  this  virtual  world).  In  addition,  the  face  of  payment  systems  in  the  physical 
world  is  changing  rapidly  -  particularly  for  the  retail  market.  This  is  due  to  the 
maturing  of  existing  technologies  and  the  introduction  of  new  technologies, 
such  as  smart  cords. 

The  spectrum  of  stored-voiue  cord  products  range  from  pre-authorised  debit 
cords  to  true  electronic  cosh.  There  are  single  purpose  cards  like  phone 
cords  and  moss  transit  cards  which  sometimes  hove  some  sort  of  general 
purpose  use  like  cords  issued  for  the  Hong  Kong  transit  system.  Mondex  has 
been  developed  in  such  a  way  that  it  is  ideally  suited  to  operating  in  either 
the  virtual  or  real  worlds,  offering  on  economic  and  secure  method  of 
payment  for  transactions  of  small  and  medium  value  at  oil  retail  locations 
(that  is,  those  usually  undertaken  with  cash). 

All  open  stored  value  cord  systems  raise  issues  arising  from  the  need  of  users 
to  retain  trust  and  confidence  in  payment  systems,  and  the  effect  that  failure 
of  0  stored  value  payment  system  would  hove  on  that  confidence.  Such 
failure  arises  from  a  systems  inability  to  identify,  contain  and  recover  from  an 
attack  on  it  from  counterfeiters  and  other  purveyors  of  fraud.  This  leads  to 
the  issue  of  the  need  for  regulation  of  issuers  and  systems,  either  by 
themselves  (that  is,  within  the  confines  of  a  system's  rules)  or  by  public 
regulators. 

I  have  already  explained  how  Mondex  has  incorporated  necessary  security 
procedures  into  the  product,  to  protect  itself  from  such  attack,  and  has  built 
suitable  protection  and  governance  procedures  to  be  able  to  recover  from 


16 


78 


the  extremely  unlikely  event  of  a  successful  and  material  counterfeiting 
attack.  Mondex  has  undertaken  detailed  consultation  with  regulators 
around  the  world  to  ensure  that  they  are  satisfied  with  the  protection  and 
procedures  involved. 

Virtually  all  systems  potentially  face  attack  and  will  need  to  satisfy  regulators 
of  the  measures  they  take  to  assure  security.  There  is  a  need  for  regulators  to 
look  at  the  systems  which  are  to  be  put  in  place  and  determine  their  security 
effectiveness,  especially  where  there  is  no  ability  to  reconcile  the  shadow 
accounts  of  cardholders,  due  to  truncation  of  data  within  the  system. 

Banks  have  traditionally  worked  with  regulators  to  establish  a  degree  of  self 
regulation.  However,  given  the  importance  of  the  issues  surrounding  the 
security  of  electronic  cosh  systems,  it  is  not  likely  that  self-regulation  within  the 
industry  will  be  sufficient.  There  is  also  a  need  for  the  regulators  to  ensure  that 
there  is  adequate  protection  to  the  cardholder  against  the  insolvency  of  the 
card  issuer,  either  through  some  combination  of  depositor  protection  or  float 
regulation  like  Mondex. 

The  existence  of  international  systems  such  as  Mondex  will  provide  a  measure 
of  consistency  when  dealing  with  cross-border  transactions  (i.e.  those  in  a 
currency  other  than  the  currency  of  the  country  of  at  least  one  of  the  parties 
to  the  transaction).  However,  it  would  be  beneficial  If  the  regulators  in  the 
various  territories  also  applied  a  consistent  approach  to  the  issues. 
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For  more  information; 
Henning  N.  Jensen 
Managing  Director 
DANM0NT  A/S 
(+45)  43  44  99  99 

DAi\M0NT  STORED  VALUE  SPECIFICATION 
LICENSED  BY  VISA 

Cooperative  effort  will  become  part  of 

VISA  Stored  Value  Card  System  Announced  Today 

COPENHAGEN,  March  28,  1995  -  DANM0NT  announced  today  that  it  has  licensed  its  stored 
value  card  specification  to  Visa,  the  world's  largest  consumer  payment  system.  Visa  is 
incorporating  portions  of  the  D ANM0NT  specification  into  its  own  stored  value  card  system  cur- 
rently being  launched  around  the  world. 

In  addition.  Visa  and  DANM0NT  are  working  together  to  develop  the  Visa  reloadable  stored 
value  card  system,  which  complies  with  the  financial  services  industry's  integrated  circuit  card 
(ICC)  specifications.  Since  beginning  work  on  stored  value  cards.  Visa's  stated  strategy  has 
focused  on  providing  consumers  with  an  open  global  system  that  ensures  acceptance  of  its  stored 
value  cards  and  the  ability  to  load  value  on  a  card  the  world  over.  This  is  a  key  strategic  differen- 
tiator to  current  stored  value  systems  that  are  limited  to  one  country  or  market. 

Under  the  agreement.  Visa  is  utilizing  the  DANM0NT  specifications  that  define  five  areas  of 
stored  value  card  use:  clearing  and  administration;  transaction  collection;  terminals;  security;  and 
the  cards  themselves.  Financial  terms  were  not  disclosed. 

Henning  N.  Jensen,  managing  director  of  DANM0NT,  said,  "We  consider  this  agreement  a 
breakthrough  for  the  D  ANM0NT  concept.  It  proved  to  be  of  vital  importance  that  we  in  Denmark 
were  the  first  to  develop  an  "open"  system  that  could  make  a  major  contribution  to  Visa's  interna- 
tional system." 

In  addition,  DANMONT's  technical  staff  are  major  contributors  to  the  EU  CENA"echnical  Com- 
nuttee  224AVorking  Group  10,  which  defines  -  among  other  things  -  the  elements  required  for 
interoperability  of  stored  value  cards  across  national  borders. 

Michael  Nash,  senior  vice  president  of  cash  products  for  Visa,  said,  "By  utilizing  proven  facets 
of  DANM0NT  and  other  working  systems.  Visa  can  help  its  member  financial  institutions  enter 
the  market  quickly  with  stored  value  card  products.  Tlorough  a  series  of  carefully  planned  pilots, 
we  will  initiate  stored  value  cards  around  the  world  to  meet  consumer  demand  for  an  alternative 
to  cash." 

The  DANM0NT  .system 

DANM0NT's  stored  value  card  is  designed  to  replace  cash  and  coin.  Consumers  can  purchase 
the  chip  cards  themselves  at  financial  institutions,  tele  shops,  post  offices,  kiosks,  and  filling  sta- 
tions. The  current  DANM0NT  caid  is  disposable,  with  a  reloadable  card  system  to  be  available 
this  summer. 
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The  card  currently  has  the  face  value  of  100-300  Danish  Kroner.  The  exact  amount  used  at  each 
purchase  is  drawn  from  the  card  automatically.  Before  and  after  the  purchase,  the  remaining  bal- 
ance can  be  seen  on  a  display  of  the  terminal. 

Both  disposable  and  reloadable  cards  can  be  used  at  a  series  of  service  providers,  such  as  tele- 
phones, laundries,  canteens,  parking  meters,  stamp  postage  machines,  fast  food  outlets,  conve- 
nience stores,  and  chargers  for  electric  cars. 

DANM0NT  A/S  is  the  coordinating  and  marketing  company  of  the  DANM0NT  system  and  the 
guarantor  for  all  issued  DANM0NT  cards.  The  company  was  formed  by  the  Danish  telecommu- 
nications company,  Tele  Denmark,  and  Danish  Payment  Systems  Ltd.  (PBS). 

Visa  is  the  largest  consumer  payment  system  in  the  world  with  more  than  12  million  acceptance 
locations.  Visa  member  financial  instimtions  have  issued  more  than  390  million  cards  worldwide, 
including  205,7  in  the  United  States.  Visa  also  has  the  leading  global  ATM  network. 
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DANM0NT    NEWSLETTER 


TEE  RKLOADABLB  DANM0MT  CARD 

DANM0NT  has  finalized  the  development  of  the  reloadable 
DANM0NT  card.  After  the  pilot  test  this  autumn  the 
technology  will  be  available  for  the  interested  parties. 
The  first  reloadable  card  is  based  on  a  Siemens  IC 
(44C40)  and  the  implementation  has  been  made  by  Giesecke 
&  Devrient.  S-Card  and  dz  denmark  are  certified  as  the 
first  manufacturers  to  offer  reloadable  DANM0NT  cards  to 
their  customers . 

THE  FIRST  RELOADABLE  CARD  IM  PILOT  TEST  AT  PBS 

A  test  installation  will  be  placed  at  Danish  Payment 
Systems  Ltd.  (PBS) ,  where  five  soft  drink  and  fast-food 
vending  machines  and  two  cash  registers  in  the  cafeteria 
will  have  their  SAM's  changed  to  accept  reloadable 
DANM0NT  cards.  Consequently,  PBS  will  be  the  first  place 
where  it  will  be  possible  to  reload  cards,  pay  with 
reloadable  cards  and  still  use  disposable  cards. 

PARKING  METERS  IN  AARHUS 

During  September  three  parking  meters  in  downtown  Aar- 
hus,  the  second  largest  city  in  Denmark,  will  be  con- 
verted to  accept  DA>JM0NT  cards  as  well  as  coins  as  means 
of  payment . 

AUTOMATIC  TICKET  MACHINE  FOR  MASS  TRANSIT 

The  first  five  automatic  ticket  machines  are  now  operat- 
ing on  Norreport  Station  and  as  soon  as  possible  another 
13  automatic  ticket  machines  will  be  installed  on  the 
main  mass  transit  stations  in  Copenhagen. 

1000  YEARS  ANNIVERSARY  OF  THE  FIRST  DANISH  COIN 

In  conneccior.  with  the  1000  years  anniversary  of  the 
first  Danish  coin  six  different  DANM0NT  cards  have  been 
issued  illustrating  1000  years  of  Danish  history  of 
coins.  The  DANM0NT  cards  are  issued  in  cooperation  with 
the  'Royal  Mint  and  Collection  of  Medals',  the  'National 
Museum'  and  the  'Danish  Numismatic  Society' . 
The  coins  will  be  showed  at  the  exhibition  on  the 
National  Museum,  which  was  opened  by  the  Governor  of  the 
Central  Bank  on  September  13,  this  year. 
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DgVELOPMSMT  IN  TRANSACTIONS 

The  number  of  DANM0NT  payments  is  still  growing.  In  the 
second  quarter  of  1995  480,106  transactions  were  made, 
which  is  an  increase  of  16  %  compared  to  the  first  quar- 
ter of  1995. 


Transactions 

(1000) 
500    -1 


DANMgNT  IN  50  CITIES 

DANM0NT  cards  can  now  be  used  in  50  cities  all  over  the 
country.  Brcnderslev  and  Hornslet  in  Jutland  and  Farum 
and  Greve  in  Sealand  have  recently  been  added. 

FURTHER  CERTIFICATES  ISSOBD 

DANM0NT  has  certified  the  payment  panel  for  laundrettes 
from  Dans^c  Automat fabrik.  Furthermore,  the  recharging 
stand  for  electrical  cars  from  Hamag  and  the  integration 
solution  between  the  Unitec  cash  register  and  a  Hamag 
terminal  have  been  certified. 

A  LOT  OF  NEW  DANM0NT  CARDS 

A  lot  of  new  exiting  DANM0NT  advertisement  cards  have 
been  issued  lately,  among  others  Donald  Duck,  AVIS  (car 
rental),  Siemens,  Miele  (laundrettes),  dz  printed  forms 
and  Tele  Denmarlc.  Furthermore,  a  series  of  four  very 
nice  looking  cards  with  local  sceneries  have  been  issued 
by  Vordingborg  Bank . 

FOR  FURTHER  INFORMATION.  PLEASE  CONTACT  DANMgNT 'S 
MANAGING  DIRECTOR  HENNING  N.  JENSEN 
TEL.:  +45  43  44  99  99. 


25-365  96-4 
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AUTOMATIC  TICICET  MACHINES  AT  MASS  TRANSIT  STATIONS 

In  continuation  of  a  comprehensive  test,  the  consumers 
for  a  couple  of  months  have  had  the  opportunity,  suc- 
cessfully, to  try  the  first  automatic  ticket  machine  at 
Norreport  Station.  On  October  5,  1995  the  automatic 
ticket  machines  at  Narreport  mass  transit  station  were 
officially  opened  by  the  Danish  State  Railways  and  from 
this  day  the  consumers  could  use  the  first  18  automatic 
ticket  machines  at  the  main  mass  transit  stations  in 
downtown  Copenhagen . 

COMMONICATION  CENTER  AT  gSTERBRO  POST  OFFICE 

As  the  first  post  office  in  Denmark,  ©sterbro  Post 
Office  now  gives  the  customers  the  opportunity  of  send- 
ing facsimiles  and  taking  photocopies  themselves  by  pay- 
ing with  a  DANM0NT  card.  Furthermore,  they  have  placed  a 
telephone  and  a  stamp  postage  machine  in  the  same  area 
where  you  also  pay  with  your  DANM0NT  card  only. 

THE  FIRST  CENTER  FOR  DISABLED  WITH  DANM0WT 

The  Lejbjerg  Center  in  Aalborg  has  now  installed  DANM0NT 
in  their  canteen.  The  center  for  disabled  has  300  daily 
users  and  expects  that  DANM0NT  will  be  a  success  since 
it  is  far  more  convenient  for  the  disabled  to  use 
DANM0NT  cards  instead  of  coins . 

Dan-Eiendomme   RECOMMENDS  DANMgNT  TO  THE  LADNDRETTES 

The  real-estate  administrator  Dan-Ejendonme  has  decided 
to  recommend  DANM0NT  as  a  means  of  payment  to  their  cus- 
tomers in  connection  with  establishment  of  new  laun- 
drettes  as  well  as  laundrettes  to  be  renovated. 

ANOTHER  SUPPLIER  IS  CERTIFIED 

HEC,  supplier  of  laundrettes,  has  had  their  laundry  pay- 
ment panel  certified  after  having  been  in  a  pilot  test 
in  several  laundrettes  since  August  this  year. 

DONALD  DUCK  ADVERTISEMENT  CARDS 

Among  the  many  new  advertisement  cards  the  cards  from 
Serieforlaget  especially  -  which  represents  Walt  Disney 
in  Denmark  -  with  Donald  Duck  have  attracted  attention 
as  the  card  holder  gets  a  free  issue  of  the  Mickey  Mouse 
magazine  by  returning  the  empty  DANM0NT  card  to  Serie- 
forlaget. Probably  an  idea  which  will  be  a  part  of  the 
considerations  of  new  advertisement  buyers. 
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CONTINUED  GROWTH  IN  THE  NDMBER  OF  TRANSACTIONS 

Continuously,  there  is  a  positive  increase  in  the  number 
of  transactions.  In  the  third  quarter  1995  545.000 
transactions  were  made,  which  -  in  spite  of  the  holiday 
season  -  is  an  increase  of  14%  in  relation  to  the  second 
quarter  1995. 
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THE  ROYAL  BRIDAL  PAIR  ON  DAMM0NT  CARDS 

On  the  occasion  of  the  wedding  of  H.R.H.  Prince  Joachim 
and  miss  Alexandra  Manley  on  November  18  DANMONT  issued 
two  DANM0NT  cards  with  a  picture  of  the  bridal  pair.  On 
page  two  of  the  cards  are  pictures  of  Frederiksborg 
Church,  where  the  wedding  took  place  and  Schackenborg 
Castle,  where  the  young  couple  are  going  to  live  in  the 
future.  The  cards  were  issued  with  a  face  value  of  100 
as  well  as  200  Danish  kroner  and  were  totally  sold  out 
in  less  that  two  weeks. 

MARKETING  CAMPAIGN  IN  COPENHAGEN 

In  connection  with  the  new  services  in  Copenhagen  - 
stamp  postage  machines  and  automatic  ticket  machines  - 
the  so-called  "Street  Walkers"  will  demonstrate  the  use 
of  DANM0NT  for  the  consumers  by  the  services.  Further- 
more, DANMONT  will  advertise  on  "Go  Card"  post  cards, 
beer  mats  and  on  advertisement  boards  in  the  mass  tran- 
sit trains.  On  a  number  of  large  educational  institu- 
tions the  attention  is  also  attracted  to  DANM0NT  with 
"Street  Walkers"  and  competitions. 


FOR  FORTHER  INFORMATION.  PLEASE  CONTACT  DANM0NT'S 

MANAGING  DIRECTOR  HENNING  N.  JENSEN 

TEL.:  +A5    43  44  99  99.  FAX.:  ^^45  43  44  90  30 
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TRANSACTION  DEVELOPMENT  IM  1995 

In  the  fourth  quarter  1995  699.289  transactions  were 
made,  which  is  an  increase  of  28%  compared  to  the  third 
quarter  of  1995.  The  total  number  of  transactions  in 
1995  were  2.138.487.  This  is  an  increase  of  122% 
compared  to  1994. 
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REDUCTION  IN  THE  TRANSACTION  FEE 

Due  to  the  positive  development  in  the  DANM0NT  system 
with  even  more  places  where  you  can  use  the  card  and 
since  the  growing  number  of  transactions  is  expected  to 
continue  in  1996,  DANM0NT  has  decided  to  reduce  the 
transaction  fee.  Consequently,  from  February  1,  1996  the 
fee  per  transaction  of  DKK  0.20  has  been  reduced  to  DKK 
0.18. 

TELE  DENMARK  INSTALLS  5.000  CHIP  CARD  PAYPHONES 

Tele  Denmark  has  ordered  5,000  chip  card  payphones  to  be 
delivered  in  1996/97.  It  is  a  quite  new  kind  of  payphone 
which  will  be  able  to  accept  Eurochip  cards  from  Tele 
Denmark  as  well  as  DANM0NT  cards.  The  existing  card  pay- 
phones  in  downtown  Copenhagen  as  well  as  in  the  greater 
Copenhagen  mass  transit  system  will  be  replaced  before 
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the  summer  of  1996.  The  remaining  parts  of  Denmark  will 
be  covered  in  the  period  until  autumn  1997.  At  this 
point  of  time  there  will  be  one  payphone  which  accepts 
DANM0NT  per  1.000  inhabitants  in  Denmark. 

NEW  DAWM0NT  SERVICE 

Roskilde  Tennis  Club  has  installed  a  automatic  lighting 
system  in  their  tennis  courts  where  you  can  pay  with 
your  DANM0NT  card.  When  you  have  made  a  transaction,  the 
light  will  turn  on  at  the  court  you  want  to  play  at . 

EVEN  MORE  SUPPLIERS  CERTIFIED 

Hamag  Elektronik  A/S  have  had  their  payment  terminal 
certified  and  SANIVA  their  payment  panel  for  laun- 
drettes.  Furthermore,  Automat forplejning  A/S  has  got  a 
certificates  on  their  payment  modules  for  Wittenjborg 
snack  machines  model  no.  400  and  440  and  the  American 
Dixie-Narco   snack  machine. 

DAMM0NT  IN  THE  CAFETERIAS  IN  DENMARK'S  LARGEST  BANK 

Last  year  Den  Danske  Bank  installed  DANM0NT  as  means  of 
payment  in  their  cafeteria  in  a  main  branch  outside 
Copenhagen.  The  installation  was  a  success  among  the 
employees.  Since  then  other  bank  branches  in  the  center 
of  Copenhagen,  Aarhus  and  Aalborg  have  installed  DANM0NT 
as  the  payment  system  in  their  self  service  cafeteria 
concept . 

DANM0NT  ON  THE  INTERNET 

DANM0NT  is  now  on  the  Internet.  On  the  address 
WWW:  ICCard.dk  you  can  read  the  latest  Newsletter  and  at 
the  same  time  look  at  some  of  the  existing  DANM0NT 
cards.  On  these  pages  you  will  also  find  information 
about  Collector ' s   Service. 

FIRST  DANM0NT  CARD  MADE  OF  WOOD 

A  new  production  process  by  the  Swedish  company  ECO  CARD 
AB  has  made  it  possible  for  dz  denmark  to  produce  "plas- 
tic cards'  with  chip,  where  the  card  itself  is  made  of 
laminated  birch  wood.  The  material  respects  all  interna- 
tional standards.  On  page  two  of  the  card  the  consumer 
is  kindly  asked  to  return  the  empty  card  to  DANM0NT  and 
describe  their  experience  by  using  the  new  "wooden 
card".  Consumers  who  return  their  card  will  receive  a 
special  edition  DANM0NT  card  as  an  appreciation  for 
their  interest.  The  consumers  comments  will  be  included 
in  the  evaluation  report  about  this  new  card  technology. 


FOR  FURTHER  INFORMATION.  PLEASE  CONTACT  DANMgNT'S 

MANAGING  DIRECTOR  HENNING  N.  JENSEN 

TEL.:  +A5    43  44  99  99.  FAX.:  ■»45  43  44  90  30 
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TRAMSACTION  DEVELOPMENT  IN  THE  FIRST  QDARTBR  OF  1996 

In  the  first  quarter  of  1996,  745.501  transactions  were 
made,  which  is  an  increase  of  7%  compared  to  the  fourth 
quarter  of  1995.  The  DANM0NT  cards  have  now  been  used 
more  than  4  million  times  in  total  with  an  average 
transaction  value  of  app .  DKK  9  (US$  1,50). 
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CAMPAIGN  IN  COPENHAGEN 

Some  of  the  strategic  Service  Providers  are  intensifying 
their  DANM0NT  activities: 

•  Tele  Denmark  is  in  May  and  June  replacing  all 
their  550  telephones  in  Copenhagen  and  on  the 
mass  transit  stations  in  the  greater  Copenhagen 
area, 

•  Post  Denmark  installs  another  16  stamp  postage 
machines  in  Copenhagen  and  the  suburbs, 

•  The  Greater  Copenhagen  Mass  Transit  System  starts 
converting  all  of  their  143  automatic  ticket 
machines  on  all  stations,  and 

•  DSB  -  the  Danish  State  Railways  -  restaurants  and 
kiosks  install  additional  POS  terminals  on  sev- 
eral mass  transit  stations  and  on  the  Central 
Station. 
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Due  to  these  enhanced  major  services  DANM0NT  has  chosen 
to  campaign  towards  the  customers  in  a  rather  untradi- 
tional  way  during  the  month  of  June. 

500.000  Chinese  fortune  cookies  will  be  distributed  in 
downtown  Copenhagen  by  20  'street  walkers"  and  through 
250  bank  branches,  post  offices,  card  sales  outlets  and 
on  more  than  80  stations  in  the  Mass  Transit  System. 
Furthermore,  fortune  cookies  in  DANM0NT  displays  can  be 
found  in  cinemas  and  cafes  all  over  Copenhagen. 
The  purpose  of  the  campaign  is  to  highlight  the  benefit 
of  the  DANM0NT  card  as  a  multi  service  card  and  in  this 
way  convert  customers  from  the  single  service  tele  card 
to  DANM0NT.  The  theme  of  the  campaign  is:  'Use  DANM0NT 
for  card  pay  phones  and  500  other  things". 

DANM0NT  AT  CITY  FESTIVALS 

On  the  occasion  of  the  125th  anniversary  of  the  savings 
bank  'Sparekassen  Hinmerland"  in  Jutland,  the  savings 
bank  participates  in  a  number  of  local  festivals  during 
the  summer.  "Sparekassen  Hinmerland"  installs  DANM0NT 
terminals  in  the  stalls  at  the  festivals.  Furthermore, 
they  have  issued  a  limited  edition  of  DANM0NT  cards  with 
their  own  design. 

DAMMONT  CARDS  ON  THE  MUSEUM  OF  INDOSTRIAIi  DESIGN 

Unibank  -  the  second  largest  bank  in  Denmark  -  has 
issued  a  series  of  very  stylistic  card  designs  by  the 
designer  mr.  Johan  Adam  Linneballe.  Right  now  these 
cards  are  shown  at  an  exhibition  of  Danish  graphical 
design  at  the  Museum  of  Industrial  Design. 

SURREALISTIC  "PALI"  MULTI  SERVICE  PUZZLE  -  4  CARDS 

In  order  to  "celebrate"  all  the  new  major  installations 
in  Copenhagen  there  has  been  issued  50,000  surrealistic 
"Dali"  multi  service  puzzle  cards  designed  by  the  artist 
Frederick  Preston  and  produced  by  Giesecke  &  Devrient . 
The  puzzle  gives  a  very  good  idea  of  all  the  different 
services  where  DANM0NT  can  be  used.  These  cards  have 
already  been  a  big  success  among  the  collectors. 

CERTIFICATE 

The  producer  of  laundrettes,  AfieJe,  has  got  a  certifi- 
cate on  their  new  controlling  system  called  MULTI  2000 
to  be  used  in  housing  laundrettes. 

NEW  EMPLOYEE  AT  DANM0NT 

On  May  1,  1996  Lars  K^aergaard  was  employed  by  DANM0NT  as 
Vice  President,  Support. 

FOR  FURTHER  INFORMATION.  PLEASE  CONTACT  DANMgNT'S 

MANAGING  DIRECTOR  HENNING  N.  JENSEN 

TEL.:  -t-^S  43  44  99  99.  FAX.:  ■»45  43  44  90  30 
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Reprint  from  Danmarks  Nationalhank's  Moneury  Review  -  August  1994. 


Prepaid  Cards 

by  Jan  Thorndal,  Monetary  Policy  Depanment 

Introduction 

The  use  of  payment  instruments  has  changed  significantly  within  the  last  ten 
years  in  Denmark.  Previously,  the  cheque  was  by  and  large  the  only  alternative 
to  cash,  but  today  payment  cards  are  used  more  frequently  than  cheques. 
However,  for  low  value  payments  cash  is  still  more  frequently  used  than  cheques 
or  payment  cards. 

The  multipurpose  prepaid  card  is  a  new  payment  instrument  developed  in 
recent  years.  The  prepaid  card  is  intended  to  be  an  alternative  to  cash  for  low 
value  payments. 

In  the  autumn  of  1992  DANM0NT,  the  Danish  prepaid  card  project,  was 
initiated.  After  a  successful  trial  period  extension  of  the  system  to  nationwide 
coverage  has  begun. 

Prepaid  cards 

There  are  basically  two  types  of  prepaid  cards:  single  purpose  cards  for  closed 
systems  and  multipurpose  cards  for  open  systems. 

The  closed  system  is  the  least  advanced.  In  this  system  the  prepaid  card  is 
earmarked  as  payment  for  one  specific  service  (single  purpose).  Phone  cards  and 
cards  for  public  tnnsport  are  well-known  examples  of  this  type  of  card. 

The  closed  system 


Service  provider      ; Card  issuer 


In  the  closed  system  the  card  issuer  and  service  provider  arc  usually  the  same, 
e.g.  a  telephone  company.  The  advantage  of  the  closed  system  is  that  it  is  simple, 
inexpensive  and  easy  to  implement.  The  crucial  disadvantage  is  the  very  limited 
use  of  a  panicular  prepaid  card. 

In  the  open  system  the  prepaid  card  is  universal  and  can  therefore  be  used  as 
payment  for  a  large  number  of  services  (multipurpose).  The  universal  prepaid 
card  is  also  referred  to  as  the  elearonic  purse. 
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The  open  system 

Service  prtwider       1 

,  :  Csrd  issuer 

S^„^r,Mer       I 1  ' 

1  I  \  i 

' Cardissuer 

Service  provider       ' 

A  characteristic  feature  of  the  open  system  is  that  there  are  seveial  service 
providers  and  one  or  more  independent  card  issuers  (card  vendors).  The  fun- 
damental advantage  of  the  open  system  is  the  general  use  of  the  prepaid  cards. 
On  the  other  hand,  the  open  system  requires  a  high  level  of  system  security  and  a 
well-funaioning  clearing  system. 

The  prepaid  card  itself  is  usually  a  plastic  card  of  the  same  dimensions  as  a  nor- 
mal payment  card.  Technically  the  card  can  be  either  a  magnetic-stripe  card  or  a 
chip  card,  the  latter  being  the  preferred  alternative  for  prepaid  card  systems.  This 
is  not  least  due  to  the  chip  card's  superiority  over  the  magnetic-stripe  card  from 
both  the  technological  and  security  aspects. 

There  are  rwo  versions  of  the  chip  card,  i.e.  a  memory  card  and  a  processor 
card.  The  memory  card  is  relatively  simple.  It  can  only  be  charged  with  value 
once  and  will  then  count  down  the  remaining  value  on  the  card.  The  processor 
card  is  far  more  advanced.  It  can  be  recharged  and  can  have  other  funaions  than 
as  a  prepaid  card.  For  instance,  the  processor  card  can  be  a  prepaid  card,  admis- 
sion card  and  subscriber  card  all  at  the  same  time. 

The  EU  central  banks'  report  on  prepaid  cards 

In  February  1993  the  EU  central  banks  appointed  a  special  working  group  to 
study  the  consequences  for  central  banks  of  multipurpose  prepaid  cards  (the  elec- 
tronic purse).  The  result  of  this  work  is  described  in  a  report  on  prepaid  cards') 
approved  by  the  EMI  Council  and  published  in  May  1994. 

The  main  conclusion  of  the  repon  is  that  only  credit  institutions  should  be 
allowed  to  issue  elearonic  purses. 

However,  individual  EU  central  banks  may  in  spedal  circumstances  grant  dis- 
pensation from  this  requirement  and  permit  issuers  other  than  credit  institu- 
tions. The  preconditions  for  such  exemption  are  that  the  system  operates  solely 
in  the  home  country,  that  the  issuer  is  subject  to  appropriate  regulation  and  that 
the  issuer  is  supervised  by  the  institution  which  supervises  cret^t  institutions  in 
the  relevant  country. 


')  Report  to  the  Council  of  the  European  Monetary  Institute  on  Prepaid  Cards,  1994. 


102 


The  conclusion  is  based  on  an  analysis  of  the  implications  of  the  multipurpose 
prepaid  card  for  the  central  banks.  The  analysis  is  divided  into  three  areas:  the 
implications  for  the  oversight  of  payment  systems,  the  implications  for  monet- 
ary policy  and  the  consequences  of  a  reduction  in  the  use  of  notes  and  coin. 

The  approach  as  regards  the  oversight  of  payment  systems  is  that  the  central 
banks  have  a  general  obligation  to  ensure  stable  and  efficient  payment  systems  in 
their  respeaive  countries.  The  central  banks  are  not  normally  concerned  with 
retail  payment  systems.  However,  the  satisfactory  functioning  of  such  systems  is 
important.  Otherwise  general  confidence  in  payment  systems  and  means  of  pay- 
ment might  be  weakened.  Thus  both  the  issuer  and  the  payment  instrument 
should  meet  certain  minimum  standards. 

In  principle,  the  issue  of  multipurpose  prepaid  cards  is  equivalent  to  receiving 
deposits  from  the  general  public  It  can  be  ar^ed  that  issuing  prepaid  cards 
should  be  subject  to  the  same  regulation  as  receiving  deposits  and  should  thus 
only  be  possible  for  credit  institutions.  Alternatively,  issuers  of  prepaid  cards 
could  be  subject  to  appropriate  equivalent  regulation,  particularly  with  regard  to 
liquidity  requirements. 

Certain  security'  requirements  should  be  made  of  the  prepaid  card  itself,  as  well 
as  of  the  card  system,  in  order  to  prevent  the  use  of  counterfeit  cards. 

The  consequences  for  monetary  policy  can  be  expeaed  to  be  limited  since  the 
prepaid  card  is  in  reality  only  a  substitute  for  other  types  of  money,  i.e.  notes, 
coin  and  demand  deposits.  In  the  longer  term  there  may  be  a  need  to  include 
outstanding  card  balances  in  the  money  supply.  However,  this  is  more  a  statist- 
ical issue  than  a  monetary-policy  issue. 

In  itself  the  prepaid  card  can  be  expeaed  to  affect  coin  circulation  more  than 
note  circulation.  However,  the  effea  of  the  prepaid  card  on  notes  and  coin  in 
circulation  should  be  viewed  in  conjunction  with  the  effea  of  other  payment  in- 
struments, including  in  particular  payment  cards.  The  overall  impaa  of  the  new 
payment  instruments  is  likely  to  be  a  gradual  reduction  in  the  relative  use  of 
notes  and  coin.  Since  notes  and  coin  do  not  bear  interest  any  reduaion  in  note 
and  coin  circulation  will  imply  a  decrease  in  the  profit  to  the  central  bank  and 
the  Government  from  the  issue  of  notes  and  coin  (seigniorage). 

Development  of  the  DANM0NT  system 

The  first  proposals  concerning  a  Danish  prepaid  card  were  published  in  April 
1989  in  a  joint  report  by  KTAS  (Copenhagen  Telephone  Company),  HT 
(Copenhagen  Transpon)  and  PBS  (The  Danish  Payment  Systems,  Ltd.)').  Ac- 
cording to  this  report  a  multipurpose  prepaid  card  has  a  number  of  general  ad- 
vantages: it  is  convenient  for  the  consumer,  it  increases  sales  (in  vending 
machines,  etc),  it  can  be  distributed  effeaively  and  it  reduces  the  volume  of  coin 
handled.  In  addition,  vandalism  of  card  systems  is  very  limited.  Besides  these 


')  KTAS  -  HT .  PBS  Report  on  Prepaid  Cirds  (in  Danish).  1989. 
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general  advantages,  the  three  parties  behind  the  report  saw  various  individual 
benefits  from  the  prepaid  card:  KTAS  would  in  any  case  replace  the  vulnerable 
pay  phones  with  card  phones,  HT  wished  to  substitute  the  old  ticket-issuing 
method  with  plastic  cards  and  PBS  wanted  a  system  for  low  value  purchases 
which  was  less  expensive  than  the  Dankort  system.  The  repon  therefore  con- 
cluded that  KTAS,  HT  and  PBS  had  a  specific  interest  in  developing  a  universal 
Danish  prepaid  card  and  that  the  parties  would  benefit  from  cooperating  in  a 
number  of  areas. 

A  consequence  of  the  repon  was  a  cooperation  agreement  of  January  1990  be- 
tween KTAS  on  behalf  of  the  telephone  companies,  and  PBS  on  behalf  of  the 
banks.  The  fir^t  objective  was  to  specify  what  was  envisaged  concerning  the 
universal  prepaid  card. 

In  June  1991  the  company  DANM0NT  was  established  for  the  aaual  de- 
velopment and  implementation  of  the  prepaid  card  system.  KTAS  and  PBS  each 
contributed  half  of  the  share  capital. 

In  the  period  from  September  1,  1992  to  March  1,  1993  the  DANM0NT  sys- 
tem was  tested  in  the  town  of  Nsestved.  The  trial  period  was  successful  and  after 
its  conclusion  the  nationwide  extension  of  the  system  commenced.  Today,  the 
DANM0NT  system  is  available  in  27  towns,  including  Copenhagen,  and  can  be 
used  for  a  total  of  338  individual  services. 

At  present  approximately  147,C00  DANM0NT  cards  have  been  issued  for  a 
value  of  just  over  kr.l4  million.  For  comparison,  coin  in  circulation  currently 
amounts  to  kr.2.9  billion  and  notes  in  circulation  to  kr.28.5  billion. 

So  far  all  DANM0NT  cards  have  been  memory  cards  which  cannot  be 
recharged,  but  introduaion  of  the  rechargeable  processor  card  is  planned  for 
1995. 

The  structure  of  the  DANM0NT  system 

The  DANM0NT  system  is  an  example  in  praaice  of  an  open  prepaid  card 
system.  Its  structure  is  illustrated  on  the  following  page. 

The  system  operator  is  the  central  actor  in  the  system.  This  function  is  per- 
formed by  the  DANM0NT  company.  The  system  operator  has  two  primary 
areas  of  responsibility.  One  is  system  operation  and  the  other  is  specification  and 
certification  (approval). 

As  regards  system  operation  the  system  operator  is  responsible  for  the  func- 
tionality of  the  overall  DANM0NT  system,  including  monitoring  system  secur- 
ity, and  for  clearing  and  settlement  between  card  issuers  and  service  providers. 

The  responsibility  for  specification  and  certification  implies  that  the  system 
operator  draws  up  the  technical  specifications  for  cards  and  terminals  which  all 
suppliers  must  comply  with.  The  system  operator  also  certifies  all  equipment  be- 
fore commissioning  and  all  card  produaion  before  start-up.  DANM0NT  itself 
thus  manufactures  neither  terminals  nor  cards. 

The  oxtt/  issuer  is  responsible  for  issue,  i.e.  sale  of  cards.  The  card  issuer  is  nor- 
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The  structure  of  the  DANM0NT  system 
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mally  a  bank  or  telephone  company.  Cards  may  be  sold  from  the  issuer's  own 
branches  or  from  other  sales  outlets,  such  as  newsagents,  service  stations  or  retail 
shops.  The  issuer  must  purchase  canls  from  a  supplier  certified  by  DANM0NT. 

The  card  supplier,  cercified  by  DANM0NT,  manufaaures  cards  according  to 
the  specifications  and  supplies  them  to  the  issuer  for  funher  sale. 

The  service  prwider  (payment  recipient)  is  obliged  to  use  equipment  certified 
by  DANM0NT  and  furthermore  to  accept  all  valid  DANM0^^T  cards.  In 
principle,  service  providers  in  the  DANM0NT  system  are  not  subjeCT  to  any 
restriaions.  However,  a  precondition  is  a  contract  with  DANM0NT. 

The  terminal  supplier,  certified  by  DANM0NT,  manufactures  terminals  and 
equipment  according  to  the  specifications  and  supplies  these  to  the  service 
providers. 

The  card  holder  purchases  the  DANM0NT  card  at  a  card  sale  outlet  and  uses 
it  at  his  or  her  discretion  among  the  service  providers. 


Since  the  DANM0NT  system  is  an  open  prepaid  card  system,  a  clearing  func- 
tion is  required  to  ensure  that  the  correct  amounts  are  senled  to  the  service 
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providers.  As  stated  above,  DANM0NT  as  system  operator  is  responsible  for 
the  DANM0NT  system's  clearing  function. 

In  praaice,  DANM0NT  receives  the  original  nominal  value  of  the  cards  from 
the  card  issuers  in  connection  with  aaivation  of  the  cards  by  the  card  suppliers. 
DANM0NT  then  settles  the  correa  amounts  with  the  service  providers  as  the 
cards  are  used  as  payment  for  services. 

The  system  operator  thus  holds  the  prepaid  funds  and  honours  the  claims  of 
card  holders.  The  card  issuers  in  the  DANM0NT  system  do  not  hold  the 
prepaid  funds  at  any  time.  The  system  operator  is  therefore  also  the  most  in- 
teresting element  of  the  DANM0NT  system  from  the  supervisory  aspea. 

The  DANM0NT  system's  security  standard  is  very  high.  For  example,  DAN- 
M0NT  keeps  a  register  of  all  DANM0NT  cards  m  circulation  on  the  basis  of 
individual  card  numbers.  The  register  contains  information  on  the  balance  out- 
standing on  each  card  and  is  updated  on  an  ongoing  basis.  The  register  will  dis- 
close any  counterfeit  cards  used  or  if  an  existing  card  is  used  for  a  total  amount 
exceeding  the  original  nominal  value.  It  should  be  noted  that  all  registration  is 
made  on  the  basis  of  card  numbers  so  that  each  prepaid  card  remains  completely 
anonymous. 

Reflation  ofDANMeJNT 

Like  other  payment  cards  the  DANM0NT  card  is  subjea  to  the  Danish  Aa 
on  Payment  Cards.  Exemptions  have  been  granted  from  those  provisions  of  the 
Aa  which  are  not  immediately  relevant  to  prepaid  cards. 

Funhermore,  the  Danish  Financial  Supervisory  Authority  supervises  the  over- 
all system  security  of  the  DANM0NT  system  along  the  same  lines  as  the 
Authority's  supervision  of  the  banks'  computer  centres  and  PBS. 

It  has  been  decided  that  the  PANM0NT  company  will  also  be  subjea  to 
general  supervision  by  the  Financial  Supervisory  Authority.  The  Ministry  of 
Industry  expects  to  submit  a  proposal  for  a  new  seaion  of  the  Danish  Aa  on 
Certain  Credit  Institutions  direaed  panicularly  at  issuers  of  prepaid  cards.  The 
decision  to  supervise  issuers  of  Danish  prepaid  cards  should  among  other  faaors 
be  viewed  in  the  light  of  the  conclusions  of  the  aforementioned  report  from  the 
EU  central  banks. 


106 


The  Danish  Prepaid  Card  Experience 

DANM0NT 


An  Intersector  Electronic  Purse 

by 

Henning  N.  Jensen 
Managing  Director 


DANM0NT 

Ringager  2 

DK-2605  Brendby 

DENMARK 


Tel.:  -I-  45  43  44  99  99 
Fax:  +  45  43  44  90  30 


D  ANM0NT  A/S  1 996  Page  1 


Transactions 
(000) 


107 


One  of  the  worlds  first  open  prepaid  card  systems  is  a  success 
in  Denmark.  The  consumers  have  welcomed  the  new  means  of 
payment  and  the  disposable  DANM0NT  card  has  been  used 
more  than  3,3  mill,  times  by  December  1 995  with  an  average 
transaction  value  of  app.  DKK  9  (US$  1.65). 

Furthermore,  VISA  International  has  acquired  a  license  to  the 
DANM0NT  specifications  and  is  planning  to  use  the  concept 
for  VISA  member  pilots  around  the  world  and  during  the  Olym- 
pic Games  in  Atianta  1996. 

After  a  successful  trial  in  the  city  of  Niestved  the  nationwide 
roll-out  started  in  the  capitaJ  of  Denmark,  Copenhagen.  From 
December  2,  1993  the  citizens  of  Copenhagen  could  use  their 
DANM0NT  card  in  payphones,  parking  meters,  POS-termi- 
nals,  snack  vending  machines,  stamp  postage  machines  and 
laundrettes. 


Transactions  per  quarter 

Other  towns  are  constantly  being  added  to  the  list  of  places 
v^/here  you  can  use  the  anonymous  DANM0NT  card  instead  of 
coins.  The  latest  services  introduced  in  the  D ANM0NT  system 
are  automatic  ticket  machines  at  the  Copenhagen  Mass  Transit 
System  and  a  self  service  concept  at  a  Copenhagen  post  office. 
Furthermore,  motorists  can  reload  their  c^s  at  10  recharging 
stands  for  electrical  cars  and  at  the  same  time  benefit  from  free 
parking. 


DANM0NTA/S1996 
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Background 

The  story  behind  the  Danish  prepaid  card  or  "Stored  Value 
Card"  actually  begins  with  the  success  of  the  Dankort,  the 
national  debit  card  system.  The  Dankort  system  was  introduced 
in  1983,  and  in  1995  more  than  230  million  Dankort  transac- 
tions had  been  carried  through,  which  distinctly  illustrates  how 
the  Danes  have  adopted  the  plastic  card  during  the  1980's. 

This  success  means  that  during  the  last  few  years  there  has  been 
an  even  stronger  intention  of  finding  low  cost  solutions  -  espe- 
cially from  the  service  providers,  e.g.  telephone  companies, 
producers  of  parking  meters  and  vending  machine  operators  - 
solving  the  problems  in  the  area  influenced  by  payments  of 
small  amounts. 


DANM0NT  A/S 

DANM0NT  A/S  was  establish  in  June  1991  with  PBS,  on 
behalf  of  all  the  financial  institutes  in  Denmark  and  Tele  Den- 
mark, on  behalf  of  the  four  Danish  telephone  companies,  as 
equal  shareholders  and  with  a  capital  of  DKK  80  mill.  (app.  US$ 
15  mill.) 

The  purpose  of  DANM0NT  A/S  is  to  develop  and  introduce  a 
common  prepaid  card  based  on  IC  technology  for  use  in  pay- 
ment situations  where  coins  traditionally  are  used.  The  commu- 
nication between  the  services  and  the  clearing  system  is  off-line 
and  with  no  PIN  code  and  the  card  is  without  any  connection  to 
a  bank  account. 


The  "Closed  System" 

The  most  simple  way  to  introduce  a  prepaid  card  is  to  use  a 
closed  system  which  is  characterized  by  the  card  issuer  and  ser- 
vice provider  being  the  same  business  entity,  e.g.  a  telephone 
company  which  receives  payment  for  the  use  of  their  telephones 
and  at  the  same  time  they  issue  their  own  telephone  cards. 
Another  example  could  be  a  cafeteria  where  the  company 
receives  payment  in  the  cafeteria  through  their  own  cafeteria 
card. 

Closed  systems  like  the  above  are  among  other  things  character- 
ized by  not  needing  a  clearing  system  and,  the  internal  security 
is  often  not  very  high  neither  for  the  Service  provider  nor  the 
card  holder. 
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This  makes  the  systems  simple,  inexpensive  and  it  is  possible 
to  start  a  system  very  fast.  As  a  disadvantage  closed  systems  are 
often  relatively  vulnerable  and  inapplicable  for  larger  scales. 

The  "Open  System" 

The  open  system  is  characterized  by  having  several  card  issuers 
and  several  service  providers.  Open  systems  demand  a  well 
working  clearing  function  and  a  reliable  security  system  which 
ensure  the  presence  of  the  prepaid  values.  This  complex  system 
demands  a  system  operator  accepted  by  all  parties.  The  advan- 
tages of  an  open  system  are  that  whoever  whishes  to  receive  a 
card  as  means  of  payment  can  do  so  and  the  consumer  will  only 
have  to  buy  one  card  which  can  be  used  in  several  payment  situ- 
ations. 


equipment 


money 


DANM0NT  Solution 

As  the  purpose  in  Denmark  was  to  establish  a  common  prepaid 
card  the  solution  is  an  open  system  where  DANM0NT  takes 
care  of  the  following  tasks: 

-  develop  specifications  for  cards  and  terminals 

-  carry  out  tests  and  certify  cards  and  terminals 

-  do  the  marketing  and  implementation  of  the  concept 

-  take  care  of  the  clearing  of  transactions 

-  have  the  responsibility  for  the  system  security 
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The  expenses  for  DAhfM0NT  are  mainly  divided  into  four 
categories:  card  production  and  activation  cost,  transaction  pro- 
cessing, system  operation  and  marketing,  while  the  revenues 
are  coming  from  service  provider  fees,  float,  redemption  value 
and  advertisements. 


Card  and  Terminal  Suppliers 

Now,  lets  look  at  the  different  roles  and  incitement  of  the  differ- 
ent parties  in  the  DANM0NT  system. 

The  primary  reason  of  the  card  and  terminal  suppliers  for  partic- 
ipating in  the  system  is  to  build  up  know-how  in  the  field  of  chip 
cards  and  related  terminals  and  thereby  sell  their  solutions  in 
both  Denmark  and  abroad. 

The  suppliers  of  terminals  (Card  Accepting  Device  -  CAD)  and 
cards  have  to  comply  with  the  DANfM0NT  specifications  and 
tests,  before  they  can  sell  their  products  to  the  open  and  free 
market  The  development  and  production  of  equipment  and 
cards  are  on  the  suppliers  own  initiative  and  risk. 


Service  Providers 

The  service  providers  buy  new  equipment  or  they  have  existing 
equipment  converted  to  accept  D ANfM0Nrr  by  a  certified  CAD 
supplier.  At  the  same  time  the  service  provider  enters  into  a  con- 
tract with  DANM0NT  that  guarantees  that  the  amount  of 
money  from  the  collected  and  cleared  transactions  are  placed  on 
his  bank  account.  DANM0NT  is  by  this  contract  also  autho- 
rized to  debit  the  service  provider  a  fee  for  the  connection  to  the 
system.  The  transaction  fee  is  for  the  time  being  DKK0.20  (app. 
US$  0.04). 

The  introduction  of  DANM0NT  means  an  attractive  alterna- 
tive to  coins  due  to: 

•  less  vandalism 

•  increased  sale 

•  easier  accessibility 

•  reduced  insurance  costs 

•  easier  administration 

•  better  statistics 

These  advantages  mean  that  the  service  supplied  in  self-service 
environments  will  be  extended  and  new  services  will  arise. 
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Card  Issuers 

So  far  more  than  500,000  cards  with  an  average  face  value  of 
DKK  120  (app.  US$  24)  have  been  issued  by  financial  institu- 
tions. Tele  Denmark  and  DANM0NT.  Several  card  series  are 
issued  with  advertisements,  creating  an  "up-front"  image  of  the 
advertising  companies  and  making  the  cards  collectors  items. 

The  DANM0NT  card  is  a  new  and  exciting  media  as  both  side 
1  and  side  2  of  the  card  can  be  used  for  advertising  purposes.  As 
a  consequence  a  lot  of  different  advertisements  and  messages 
on  the  cards  can  be  seen  e.g.  Coca  Cola,  IBM,  Shell,  Siemens, 
AVIS.  The  maximum  face  value,  given  by  the  Department  of 
Industry,  is  at  the  moment  DKK  500  (app.  US$  100). 

The  benefits  for  the  card  issuers  are: 

•  elimination  of  low  value  transactions  in  the  debit  cards 
schemes 

•  access  to  new  business  areas 

•  influence  on  the  float 

•  future  rationalization  of  coin  handling 

Card  Holders 

Card  holders  buy  a  DANM0NT  card  for  the  face  value.  The 
incentive  of  the  card  holders  to  provide  themselves  with  a 
DANM0NT  card  can  be  expressed  very  precise  -  CON- 
VENIENCE. 

The  card  gives  D  ANM0NT  users  a  lot  of  positive  experience 
in  payment  situations  for  small  amounts: 

•  always  the  right  amount 

•  faster  service 

•  easily  accessible 

•  anonymous  payment 

The  DANM0NT  card  can  be  used  by  all,  no  matter  of  age  or 
credit  rating.  It  is  very  easy  -  there  is  only  one  card  for  a  lot  of 
different  services.  But  one  thing  should  be  stressed  -  it  is  the 
card  holder  who  decides  whether  the  card  is  a  success  or  not. 

Regarding  consumer  protection  there  is  a  maximum  value  on 
the  card,  new  cards  are  sold  in  a  sealed  packaging  and  card 
holder  information  are  printed  on  the  packaging.  Furthermore, 
the  card  holder  can  have  the  balance  refunded  after  the  "valid 
thru"  period. 
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How  To  Use  The  DANM0NT  Card 

If  one,  for  example  in  a  cafeteria  or  at  a  railway  station  wishes 
to  have  a  cup  of  coffee  from  a  vending  machine  the  following 
happens: 

-  insert  your  DANM0NT  card  in  the  vending  machine, 

-  the  display  of  the  vending  machine  shows  the  card  balance, 

-  push  the  coffee  button, 

-  the  display  shows  the  price, 

-  by  pressing  the  "green  button"  you  accept  the  purchase, 

-  the  machine  automatically  deduct  the  amount  from  the  card, 

-  the  coffee  is  provided, 

-  the  vending  display  shows  the  new  balance  on  the  card, 

-  take  the  coffee  and  remember  the  card 

The  process  and  user  interface  are  alike  in  all  vending  machines 
and  when  the  card  is  empty  one  has  to  buy  a  new  one.  If  there 
is  not  enough  money  on  the  card  for  a  cup  of  coffee  the  vending 
machine  asks  if  you  have  another  card  for  the  remainder,  which 
is  called  a  "split  payment".  If  one  accepts  using  a  new  card,  the 
vending  machine  empties  the  old  one  first  and  then  deduct  the 
remaining  value  from  the  new  card.  Simple,  fast,  secure  and 
always  the  right  amount! 


Successful  Test 

On  September  1,  1992  DANM0NT  started  one  of  the  worlds 
first  "open  system"  with  prepaid  cards  in  a  medium  sized 
Danish  town,  Nastved.  The  DANM0NT  cards  could  be  used 
in  telephones,  laundrettes,  cafeterias,  parking  meters,  vending 
machines  for  snack,  stamp  postage  machines,  gaz  stations  and 
in  convenient  stores.  The  test  of  the  DANfM0NT  equipment 
was  very  satisfactory  and  ended  March  1,  1993. 

The  principal  objective  of  the  technological  trial,  was  to  prove 
that  the  clearing  and  security  systems  were  functioning  accord- 
ing to  the  description  elaborated  prior  to  the  launch.  This  is  a 
key  factor  to  short  and  long  term  success,  especially  with  the 
authorities,  who  have  been  and  still  are  monitoring 
DA>fM0NT  closely. 

A  consumer  research  carried  out  after  the  trial  in  Naestved 
showed  that  the  knowledge  level  increased  from  27  %  before 
the  test  to  89  %  after  the  test  and  60  %  were  in  favour  of  prepaid 
cards  for  the  following  reasons: 
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•  one  doesn't  have  to  remember  a  PIN-code  (as  in  the  Dan- 
ish debit  card  system) 

•  there  is  no  age  limit 

•  no  possibility  of  over  spending 

•  no  special  credit  rating 

7.5  %  of  the  population  in  the  trial  city  actually  used  the  card 
within  the  first  6  month.  Furthermore,  22  %  were  prepared  to 
buy  a  D  ANM0NT  card  when  the  number  of  relevant  services 
are  sufficient  in  their  neighborhood  or  working  environment. 

The  test  also  showed  very  good  results  with  the  technical  mod- 
ules and  the  cards  used.  The  error  rate  of  the  cards  was  and  still 
is  less  than  one  card  out  of  one  thousand  cards,  (l%c). 


The  Nationwide  Roll-out 

The  nation-wide  roll-out  has  started  and  the  ongoing  extension 
of  the  number  of  services  connected  to  the  DANM0NT  system 
is  done  in  two  ways: 

•  sporadic  extension 

•  geographical  extension 

Sporadic  extension  means  that  DANM0NT  equipment  is 
installed  in  "closed"  environments  all  over  the  country  e.g.  in 
laundrettes,  canteens  etc.  At  present  the  DANM0NT  card  can 
be  used  in  more  than  50  cities  around  the  country  due  to  this. 

In  cities  like  Naestved  where  the  service  providers  and  the  city 
have  a  common  interest  in  implementing  D  ANM0NT  a  general 
wish  to  have  DANM0NT  services  will  arise  in  closed  environ- 
ments as  well  as  in  public  accessible  services  e.g.  telephones, 
parking  meters,  automatic  ticket  machines,  newspaper  dispens- 
ers, stamp  postage  machines  and  kiosks  etc. 

In  addition  to  Copenhagen  a  good  example  is  the  town  called 
Vordingborg  which  started  with  DA^^VI0NT-terminals  in  con- 
venience stores,  gaz  stations  and  bakeries. 

Business  Requirements 

In  the  D ANM0NT  development  much  attention  has  been  paid 
to  the  national  and  international  business  requirements  and 
through  consumer  research  to  ensure  that  the  system  also  fulfils 
the  card  holders'  expectations. 
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In  connection  with  prepaid  cards,  security  is  an  issue  which 
everybody  is  concerned  about.  DA^fM0NT  has  combined  the 
knowledge  from  the  debit  and  credit  card  environment  with  the 
latest  IC-card  technology  to  ensure  a  very  secure  clearing  and 
settlement  system.  This  gives  the  system  operator  control  of  the 
entire  system  at  a  low  cost  level,  and  it  gives  the  authorities  the 
necessary  data  for  their  audits. 

Unlike  a  lot  of  other  prepaid  card  systems,  DANM0NT  is  clear- 
ing the  transactions  on  an  individual  as  well  as  on  an  aggregated 
level.  This  is  very  important  in  open  systems,  where  public 
authorities  want  to  be  able  to  supervise  the  system. 

Furthermore,  a  clearing  of  the  individual  transactions  makes  it 
possible  for  the  system  operator  to: 

•  determine  the  redemption  value  on  the  individual  cards  in 
circulation, 

•  detect  possible  double  transactions,  which  can  occur  either 
as  errors  in  the  card  accepting  device  or  as  fraud,  and/or 

•  detect  if  fraud  occurs  with  the  cards. 

To  clear  all  the  individual  transactions  implies  added  costs  in 
the  operation  of  the  clearing  system,  but  DANM0NT  has 
developed  methods  to  allow  the  system  operator  to  clear  trans- 
actions on  an  aggregated  level,  if  it  is  found  appropriate. 

Regulation  of  DANM0NT 

Like  other  payment  cards  the  D  ANfM0NT  card  is  subject  to  the 
Danish  Act  on  Payment  Cards.  Exemptions  have  been  granted 
from  those  provisions  of  the  Act  which  are  not  immediately 
relevant  to  prepaid  cards. 

It  has  been  decided  that  the  DANM0NT  company  will  also  be 
subject  to  general  supervision  by  the  Financial  Supervisory 
Authority.  Therefore,  the  Danish  Financial  Supervisory 
Authority  supervises  the  overall  system  security  of  the 
DANM0NT  system  along  the  same  lines  as  the  Authority's 
supervision  of  the  bank's  EDP  centers. 

The  Department  of  Industry  has  submitted  a  proposal  for  a  new 
section  of  the  Danish  Act  on  Certain  Credit  Institutions  directed 
particularly  at  issuers  of  prepaid  cards.  The  decision  to  super- 
vise issuers  of  Danish  prepaid  cards  can  among  other  factors  be 
viewed  in  the  light  of  the  conclusion  of  the  May  1994  report 
from  the  European  Monetary  Institute,  th^t  only  credit  institu- 
tions are  allowed  to  issue  electronic  piirses  in  open  environ- 
ments. 


DANM0NTA/S  1996  Page  9 


115 


Time  Table 

The  inirial  phase  0  (1st  September  1992  -  1st  March  1993)  was 
used  for  piloting  the  system  components  in  a  geographically 
limited  area  (Njestved).  The  cards  and  terminal  equipment  were 
the  same  as  specified  for  use  in  phase  I. 

The  nationwide  roll-out  in  phase  1  -  which  started  on  March  1 , 
1993  -  uses  a  standardized  IC  card  embedded  with  a  memory 
IC  with  hard-wired  security  logic.  Phase  I  is  based  upon  all  the 
experience  gained  during  phase  0. 

In  the  next  phase  (11)  -  from  October  1 995  -  the  reloadable  pre- 
paid card  was  introduced.  This  card  is  an  ISO  and  CEN  stan- 
dardized ICcard,  but  instead  of  using  a  memory  IC  (SLE  4404), 
a  small  microprocessor  IC  (SLE  4404)  is  embedded  in  the  card. 
So  far  the  cards  are  used  in  a  limited  area,  but  when  the  Danish 
banks  decide  to  implement  the  load  function  in  the  ATM's  or  in 
reload  devices  the  consumers  will  be  able  to  use  both  solutions 
in  parallel. 

Phase  in  will  extend  the  use  of  the  IC  card  introduced  in  phase 
n  by  utilizing  a  limited  number  of  the  functions  in  a  multiap- 
plication  card.  The  IC  may  be  of  the  same  type  as  in  phase  II  or 
one  with  larger  memory  and/or  processing  capacity.  This  phase 
will  not  introduce  new  components  in  the  DANM0NT  system 
as  such,  but  utilize  the  existing  ones.  In  this  card  the 
DANM0NT  function  will  reside  along  with  other  commercial 
functions. 


Conclusion 

The  nationwide  roll-out  has  started  very  well  and  DANM0NT 
is  looking  forward  together  with  the  interested  parties  to  contin- 
uing the  extension  of  this  new  payment  system  in  Denmark. 

So  far  most  of  the  DANM0NT  cards  are  disposable,  but  it  is 
now  possible  to  get  rechargeable  cards  and  get  them  reloaded. 
The  two  card  types  will  run  simultaneously  as  many  tourists, 
young  people  and  card  holders,  who  don't  use  the  card  very 
often,  will  continue  to  prefer  disposable  cards. 

A  lot  of  people  talk  about  the  coinless  society,  but  this  is  a  future 
vision.  For  comparison,  the  Danish  central  bank  have  estimated 
that  coins  in  circulation  in  Denmark  curreptly  amounts  to  DKK 
2.9  billion,  so  for  the  time  being  DANM0NT  have  only  taken 
approximately  1  %  of  the  steps  towards  the  coinless  society. 
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Testimony  by  Denis  A.  Calvert 

Vice  President  and  General  Manager 

United  States  Financial  Retail  Division,  VeriFone,  Inc. 

Subcommittee  on  Domestic  and  International  Policy 

of  the 

Committee  on  Banking  and  Financial  Services 

United  States  House  of  Representatives 

June  11, 1996 
Introduction  and  Opening  Remarks 


Mr.  Chairman,  distinguished  committee  members,  and  members  of  the  committee  staff,  it  is  my 
distinct  privilege  to  be  here  today  to  offer  VeriFone's  perspective  regarding  the  evolution  of  payment 
systems.  VeriFone,  Inc.,  is  a  global  firm  with  headquarters  in  Redwood  City,  California.  In  1995,  our 
revenues  approached  S400  million.  We  do  business  in  over  100  countries,  and  employ  about  3,000 
people.  VeriFone  is  the  world  leader  in  "transaction  automation."  Many  of  you  know  us,  although 
probably  not  by  name,  but  by  the  small  gray  boxes  through  which  retailers  "swipe"  your  credit  card. 
We  have  in  excess  of  5  million  of  those  "little  gray  boxes"  installed. 

VeriFone  systems  and  related  software  components  are  used  in  international  smart  card  schemes 
such  as  Visa  Cash,  MasterCard  Cash  and  Mondex.  In  the  Asia-Pacific  region,  VeriFone  is  actively 
promoting  its  stored  value  technology  in  Hong  Kong,  Peoples  Republic  of  China,  Indonesia,  Japan, 
Thailand  and  India.  In  addition,  the  company's  distributors  have  developed  and  installed  end-to-end 
Stored  Value  Card  solutions  for  Italy,  Russia  and  elsewhere. 

As  Vice  President  and  General  Manager  for  VeriFone's  United  States  Financial  Retail  Division,  I 
have  overall  responsibility  for  sales,  marketing,  finance,  and  development  for  a  S180  million  business. 


Clearly,  the  landscape  is  quickly  changing  with  regard  to  the  payment  infrastructure  in  the  United 
States.  It  is  VeriFone's  intent  to  play  a  significant  role  in  the  "virtual"  market  space  for  payments, 
just  as  we  already  do  in  the  "physical"  market  space,  i.e.  the  retail  countertop. 
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Evolution  of  Automated  Payment  Systems  and  the  Future  of  Money 

Preface 


Today  VeriFone  is  participating  around  the  world  in  a  number  of  pilots  that  involve  the  development 
of  regional  payment  systems  using  a  variety  of  technologies.  We  believe  VeriFone  may  be  able  to 
provide  you  with  interesting  insights  into  the  evolution  of  chip  cards  and  Internet  payment  systems. 
In  my  testimony  I  want  to  describe  one  of  perhaps  many  possible  payment  scenarios  that  may 
provide  a  glimpse  of  the  future  of  money  from  our  perspective.  This  scenario  is  intended  to  provide 
you  with  an  academic  view  that  should  place  a  number  of  payment  systems  and  technologies  into 
better  focus. 

As  you  know,  the  Internet  has  been  on  an  exponential  growth  curve  for  the  last  several  years  in  spite 
of  significant  infrastructure  deficiencies.  Nevertheless,  it  is  expected  that  many  of  the  infrastructure 
problems  will  be  reduced  sufficiently  to  enable  billions  of  dollars  to  be  transferred  annually  over  the 
Internet  in  just  a  few  years.  VeriFone,  as  one  of  many  companies  developing  pieces  for  a  new 
generation  of  the  chip  card  and  Internet  payment  systems,  sees  no  technical  obstacles  to  prevent 
these  expectations  from  being  realized. 

My  testimony  today  contains  two  messages  for  you. 

First  I  will  describe  a  few  of  the  important  payment  system  components  under  development  at 
VeriFone  that  will  help  derine  the  future  of  money.  With  that  as  background  I  will  speculate  about 
one  of  many  possible  evolutionary  paths  these  new  payment  systems  could  take  us.  I  will  speculate 
about  a  number  of  significant  benefits  that  might  be  realized,  and  conclude  with  suggestions  of 
actions  that  this  subcommittee  might  be  able  to  take  to  help  realize  the  enormous  potential  of  an 
Information-based  world  economy. 

Next,  one  of  the  cornerstones  that  will  shape  the  future  of  money  is  the  strength  of  a  private  sector 
national  and  international  Public  Key  Certification  infrastructure.  The  foundation  for  Electronic 
Commerce  in  the  broadest  sense  depends  on  this  crucial  infrastructure,  including  many  Internet 
payment  schemes,  if  these  certification  systems  are  susceptible  to  compromise,  if  they  are  not 
supported  in  law,  if  they  do  not  provide  a  solution  to  the  business  liability  issues  related  to  a 
Certificate  Authority,  then  business  transactions  and  the  transfer  of  money  over  public  networks 
may  never  reach  their  full  potential.  Another  facet  of  this  issue  is  the  vulnerability  of  public  networks 
to  calculated  disruption  by  terrorists  or  other  resourceful  entities.  My  recommendation  to  this 
subcommittee  is  that  you  spend  the  time  necessary  to  understand  and  judge  for  yourself  the 
seriousness  of  this  threat  to  our  emerging  monetary  schemes  and  automated  payment  systems. 
Perhaps  this  subcommittee  could  explore  and  reinforce  national  and  international  efforts  designed  to 
maintain  the  integrity  of  public  networks,  thus  insuring  a  stable  international  value  transfer  system 
over  the  long  term. 

Business  Trends  that  Affect  the  Future  of  Money 

Today  there  are  at  least  two  fundamental  trends  that  may  have  a  tremendous  influence  on  the  future  of 
electronic  money  and  payments  systems. 
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First,  Public  Key  Cryptology,  with  its  dependence  on  Public  Key  CertiTicates,  seems  well  positioned 
to  provide  a  solid  foundation  for  electronic  payment  systems  over  the  Internet.  The  agreement 
between  MasterCard  and  Visa  on  the  SET  protocol  and  ANSI  X.509  Public  Key  Certiflcates  was  a 
milestone  event  in  the  development  of  transaction  level  security  for  the  Internet.  The  use  of  Public 
Key  CertiTicates  by  consumers  to  secure  their  credit  card  transactions  is  the  beginning  of  new 
payment  systems  and  electronic  money.  We  expect  to  see  an  increasing  use  of  Public  Key  certificates 
for  electronic  payment  transactions  over  the  Internet.  We  expect  that  Public  Key  Cryptology  will 
rapidly  become  a  foundation  for  secure  electronic  commerce  transactions  in  the  broadest  sense-not 
just  for  payments. 

Second,  we  expect  the  exponential  growth  of  the  Internet  to  continue  internationally,  and  the  value- 
transfers  to  reach  into  the  hundreds  of  billions  of  dollars  in  the  near  future.  This  explosive  growth 
suggests  that  Internet  payment  schemes  and  their  support  infrastructure  will  deflne-to  some  degree- 
the  future  of  money  on  an  international  scale.  The  value  transfers  that  will  take  place  from 
consumers-to-consumers,  consumers-to-businesses,  businesses-to-businesses,  government-to-citizens, 
etc.  will  be  driven  by  the  inherent  efficiencies  of  an  information-based  world  economy.  If  this  proves 
to  be  the  case,  then  there  may  be  a  significant  portion  of  purchases  occurring  with  Internet-based, 
"virtual  stores".  Since  merchants  are  the  key  end  users  of  our  products,  VeriFone  intends  to  pursue 
strategies  that  enable  "physical"  merchants  to  methodically  upgrade  their  terminals,  those  "gray 
boxes"  I  described  earlier,  to  accept  new  Internet-based  payment  schemes,  as  well  as  enable 
"virtual"  merchants  to  accept  payments.  We  expect  physical  and  virtual  merchants  to  coexist,  with 
significant  increases  in  payment  transactions  through  virtual  merchants  over  time. 


Proposed  Questions  for  Exploration 


At  this  time  I  want  to  propose  a  number  of  questions  related  to  the  future  of  money. 

1.  Should  this  Subcommittee  participate  in,  or  monitor  the  definition  of,  a  National  and 
International  Public  Key  Certification  Infrastructure?  Electronic  Commerce  will  most  likely 
be  based  on  Public  Key  Cryptology,  at  least  in  the  U.S.  However  it  is  not  known  whether  the 
American  public  will  accept  Public  Key  Certificates  as  Internet  identity  documents.  It  is  for 
this  reason  that  this  Subcommittee  and  other  National  and  State  legislative  bodies  should 
support  a  grass  roots  movement  toward  using  Public  Key  Cryptology  as  a  legal  foundation 
for  Electronic  Commerce. 

2.  Should  this  Subcommittee  monitor  the  passage  of  "digital  signature  legislation"  by  states 
and  the  Federal  Government?  This  legislation  makes  the  Public  Key  digital  signature  the 
legal  equivalent  of  a  handwritten  signature  in  a  court  of  law.  Digital  signatures  are  a 
fundamental  component  of  many  of  the  Internet-based  monetary  schemes  and  payment 
systems.  We  see  a  need  for  appropriate  laws  and  regulations  that  will  support  digital 
signatures  in  a  new  generation  of  electronic  payment  schemes,  as  well  as  in  electronic 
contracts,  confidentiality  statements,  etc. 

3.  Should  this  Subcommittee  oversee  or  foster  the  development  of  Internet-based  electronic 
payment  schemes  for  Government  transfer  payments?  The  Internet-based  electronic  cash 
and  money  schemes  under  development  today  might  be  adaptable  for  Government  transfer 
payments.  If  not,  then  specialized  payment  schemes  for  government  EBT  payments  are 
certainly  within  our  technical  grasp.  In  either  case,  if  the  commercial  Internet  payments 
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inTrastructure  evolves  as  I  describe  in  Appendix  B  (A  View  of  the  Future  Money  Systems), 
then  there  might  be  an  opportunity  for  Federal  and  state  governments  to  use  the  Internet  to 
distribute  EBT  payments  just  as  the  commercial  sector  will  use  the  Internet  to  transfer 
electronic  cash,  checks  or  credit  payments.  This  opportunity  will  only  be  available  if  a 
government  agency-perhaps  the  U.S.  Mint-develops  and  certiTies  an  Internet-based  EBT 
chip  card  payment  system  that  takes  advantage  of  the  private  sector's  electronic  payments 
infrastructure?  I  understand  that  one  of  the  U.S.  Mint  concerns  is  lost  revenues  in 
seigniorage  if  Stored  Value  Cards  replaced  coins.  Perhaps  the  reduction  in  EBT  fraud  and 
operating  costs  that  might  result  from  a  secure  Internet-based  EBT  payments  system  could 
offset  seigniorage  losses. 

4.  Should  this  Subcommittee  or  some  other  Federal  Agency  assist  the  private  sector  in 
promoting  consumer  trust  of  emerging  Internet-based  payments  infrastructure?  The  public 
has  been  warned  so  many  times  about  the  lack  of  security  on  the  Internet  that  there  may  be 
a  reluctance  to  use  the  Internet  for  consumer  transactions.  There  is  an  industry  optimism 
that  Internet  payments  system  may  be  more  secure  than  those  we  use  today,  is  there 
anything  this  subcommittee  or  other  committees  can  do  to  assist  the  banking  industry  in 
fostering  public  trust  for  Internet  payment  and  commerce  in  general? 

5.  On  the  other  end  of  the  spectrum,  should  this  Subcommittee  have  a  special  responsibility  to 
monitor  the  potential  threats  from  "Information  Warfare"  on  the  emerging  electronic 
money  systems?  A  commonly  accepted  dennition  for  "Information  Warfare"  is  "the  use  of 
information  and  information  systems  as  weapons  in  a  conflict  where  information  and 
information  systems  are  the  targets".  The  private  sector  understands  the  threats  to 
commercial  operations  from  conventional  warfare.  How  serious  is  this  threat  to  our 
emerging  payment  system  from  a  resource-rich  nation?  Is  there  anything  this  Subcommittee 
can  do  to  make  sure  that  the  Internet  payment  systems  are  appropriately  protected? 

Conclusions 

In  Appendix  A  to  my  testimony  I  describe  a  number  of  key  payment  system  components  currently 
under  development  by  VeriFone.  In  Appendix  B  I  speculate  about  how  those  payment  system 
components  might  become  as  common  in  our  daily  lives  as  cash  registers,  credit  card  terminals,  and 
automated  bank  terminals  are  today.  One  of  the  more  important  of  these  components  is  the  chip  card 
reader/writer  attached  to  a  home  PC.  We  refer  to  this  product  as  "Payport"  or  the  "Personal  ATM" 
in  the  home.  If  a  sufficiently  large  number  of  these  chip  card  devices  or  appliances  are  distributed  to 
consumers  as  a  security  component  for  Internet-based  home  banking  applications,  it  seems  possible 
that  they  could  have  a  significant  catalytic  effect  on  the  future  of  private  sector  commerce-both  on 
and  off  the  Internet,  and  on  public  sector  transfer  payments  disbursed  over  the  Internet. 

We  conclude  from  these  ideas  that  the  distribution  of  Chip  Cards  and  Chip  Card  terminals  into 
consumers'  homes  may  be  a  very  important  in  accelerating  an  evolution  toward  secure  monetary 
payment  systems  in  our  physical  world.  If  it  were  feasible  to  distribute  government  welfare  payments 
over  the  Internet  and  onto  chip  cards,  this  factor  would  provide  an  important  incentive  for 
businesses  to  upgrade  to  a  Stored  Value  infrastructure. 

Finally,  I  want  to  reiterate  the  importance  of  a  National  and  International  Public  Key  Certification 
Infrastructure  to  the  future  of  money.  I  hope  you  will  continue  to  explore  this  issue  and  the 
important  role  this  legislative  body  could  play  in  this  critical  initiative. 

Thank  you  for  the  opportunity  to  share  our  views.  I  welcome  any  questions. 
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Appendix  A 
Future  Payment  Scheme  Key  Components 

Internet  Electronic  Wallet 


The  Internet  Electronic  Wallet  is  a  software  program  that  operates  with  any  Internet  Browser.  It  will 
hold  one  or  more  Internet-based  payment  schemes.  A  consumer  would  use  his  Electronic  Wallet  to 
select  a  payment  scheme  and  initiate  purchase  from  his  personal  computer.  A  number  of  companies 
will  offer  Electronic  Wallets  for  the  internet.  In  the  third  quarter  of  this  year  VeriFone  will  offer  an 
Electronic  Wallet  called  "vWallet"  based  on  the  MasterCardA'isa  Secure  Electronic  Transaction 
(SET)  protocol. 

Secure  Electronic  Transaction  (SET)  Payment  Protocol 

Security  for  credit  card  transactions  will  be  provided  in  accordance  with  the  SET  protocol.  It  deflnes 
how  credit  card  numbers  will  be  sent  over  the  Internet  securely.  It  is  based  on  RSA  Public  Key 
Cryptology  and  has  wide-spread  industry  support.  Under  the  SET  protocol  Public  Key  Certificates, 
specifically  an  ANSI  X.509  Certificate,  will  be  used  by  all  parties  who  initiate  or  process  credit  card 
transactions  over  the  Internet.  The  SET  protocol  assumes  the  consumer,  the  merchant,  and  the 
acquiring  bank  have  an  X.509  Public  Key  Certificate  and  that  they  were  issued  to  the  correct  person. 
A  Public  Key  Certificate  is  used  to  positively  identify  each  party  to  the  other.  In  this  way,  a  consumer 
is  assured  that  the  merchant's  Web  Server  is  legitimate.  Likewise,  the  merchant  is  assured  that  the 
consumer  is  legitimate.  These  assurances  are  critically  important  to  secure  Internet  based 
transactions. 

To  process  credit  card  transactions  using  the  SET  protocol  VeriFone  will  implement  two  additional 
software  modules.  One  module,  called  vPOS,  will  be  added  to  the  Merchant's  WWW  server.  The 
other  module  called  vGate  will  be  added  to  the  Acquiring  bank's  WWW  server.  Together  with  the 
consumer's  vWallet  software  the  SET  protocol  defines  how  a  consumer's  Internet  "credit  card 
number"  will  be  processed  just  as  the  credit  card  number  from  a  magnetic  stripe  card  is  processed  at 
a  merchant's  countertop.  The  vPOS  software  on  the  merchant's  WWW  server  operates  just  like  the 
card  swipe  terminal  operates  on  the  merchant's  countertop  today. 

Implementation  of  Other  Payment  Systems 

Other  Internet-based  payment  schemes  will  be  integrated  into  the  Electronic  Wallet  over  time.  In  its 
initial  release,  VeriFone's  vWallet  will  include  only  credit  card  payment  capability  under  the  SET 
protocol.  As  soon  as  possible  VeriFone  will  add  other  Internet-based  payment  schemes  to  vWallet 
such  as  the  electronic  check,  electronic  cash,  electronic  money,  micropayments,  etc.  These  new 
payment  schemes  will  be  secure,  popular  methods  of  payment. 
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Chip  Card  ReaderAVriter  Terminal 

The  chip  card  reader/writer  terminal  connected  to  a  consumer's  PC  will  store  the  consumer's  Private 
Key  and  Public  Key  CertiHcate  more  securely  than  simply  storing  it  on  a  PC  hard  disk.  VeriFone 
refers  to  this  component  as  "PayPort"  or  the  "Personal  ATM". 

Public  Key  Certificate  Chip  Card 

The  chip  card  will  store  and  retrieve  a  consumer's  Public  Key  Certiflcate  and  the  associated  Private 
Key.  Late  in  1996  when  the  Electronic  Wallet  software  is  given  to  consumers,  we  expect  MasterCard 
and  Visa  Public  Key  CertiHcates  will  be  distributed  to  consumers  over  the  Internet  or  on  a  floppy 
diskette.  In  any  case  we  expect  the  consumer  will  store  his  Public  Key  CertiHcate,  and  his  Private 
Key  on  his  PC's  hard  disk  or  on  a  floppy  diskette.  For  security  reasons  these  data  items  should  be 
stored  on  a  tamper-resistant,  non-reproducible  chip  card.  A  chip  card  reduces  the  potential  for  end- 
user  fraud  and  it  enables  the  consumer  to  make  purchases  from  any  Internet  connected  computer  or 
kiosk  that  is  properly  configured. 
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Appendix  B 
A  View  of  Future  Money  Systems 


In  the  last  12  months  VeriFone  has  made  a  number  of  strategic  investments  that  support  Public  Key- 
based  payment  systems  for  the  Internet.  Our  acquisition  of  a  company  called  Enterprise  Integration 
Technologies  (EIT),  and  its  combination  with  our  credit  card  and  smart  card  terminal  transaction 
departments  enables  VeriFone  to  create  and  deliver  Internet-based  transaction  processing  hardware 
and  software  systems  like  those  we  developed  for  the  credit  card  and  smart  card  industries.  Another 
strategic  investment  was  in  CyberCash— a  company  that  develops  and  markets  a  number  of  Internet 
payment  schemes  that  depend  on  Public  Key  Cryptology.  These  strategic  moves  and  our  ongoing 
participation  in  international  chip  card  projects  demonstrate  VeriFone's  belief  that  the  future 
infrastructure  for  global  money  systems  will  be  based  on  the  Internet  and  chip  cards.  Furthermore,  it 
is  our  belief  that  from  a  technical  perspective  the  security  concerns  that  surround  Internet-based 
payments  today  will  be  resolved  if  the  private  sector  can  develop  a  Public  Key  Certification 
infrastructure  that  allows  businesses  to  control  business  risk. 

Keeping  in  mind  (a)  the  key  payment  system  components  VeriFone  is  developing,  (b)  our  assessment 
of  several  global  business  trends,  and  (c)  our  commitment  to  the  development  of  new  payment 
systems  based  on  Public  Key  Cryptology,  I  want  to  describe  a  scenario  that  could  define  the  future  of 
money.  The  scenario  begins  when  the  banking  industry  decides  a  smart  card  and  a  smart  card 
reader/writer  should  be  issued  to  its  Internet  banking  customers.  The  initial  use  for  this  equipment 
would  be  to  store  securely  the  customer's  Private  Key  and  Public  Key  Certiflcate  on  a  de^'ice  that 
could  be  separated  for  security  reasons  from  his  home  PC.  If  the  banking  industry  decided  this 
equipment  was  necessary  and  justifled  from  a  security  standpoint,  then  the  following  interesting 
enhancements  and  opportunities  are  among  those  that  could  be  created  to  provide  benefits  for  the 
public  and  private  sectors. 

/.  Internet  Electronic  Wallet 

The  flrst  enhancement  to  Internet-PC's  equipped  with  a  smart  card  reader/writer  terminal  might  be 
the  development  of  an  electronic  wallet  to  enable  Internet  electronic  cash  to  be  securely  transferred 
onto  a  chip  card.  Essentially  this  would  create  an  Internet-based  Stored  Value  Card  that  could  be 
reloaded  at  a  consumer's  home,  or  anywhere  there  was  an  Internet  Kiosk,  a  Network  Computer,  or 
another  PC.  Furthermore,  the  Internet  electronic  check,  the  Internet  "credit  card",  and  other  forms 
of  electronic  money  could  be  stored  on  a  chip  card  and  electronic  wallet.  Then  the  Internet  software 
"wallet"  that  initially  resided  only  on  a  consumer's  PC  would  become  a  physical  electronic  device 
that  could  be  easily  carried.  Thus  a  consumer  would  be  able  to  initiate  transactions  that  required  a 
Digital  Signature-including  flnancial  transactions-from  any  Internet  point.  Typical  non-flnancial 
transactions  are  those  such  as  signing  a  proposal  or  a  contract,  approving  a  company  purchase 
order,  or  gaining  access  to  information  stored  in  a  database  repository. 

2.  Internet-Based  Government  Transfer  Payment  System 

A  PC  or  kiosk  connected  to  the  Internet  and  equipped  with  a  smart  card  terminal  could  be  used  as  a 
chip  card  reloading  station  for  government  Electronic  Benefits  Transfer  (EBT),  such  as  food  stamps. 
A  welfare  recipient  could  be  issued  a  smart  card  with  a  private  key  and  public  key  certificate  from  a 
bank  or  other  institution  contracted  to  perform  these  services.  A  welfare  recipient  or  any  citizen 
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receiving  transfer  payments  would  download  his  benents  onto  a  personalized  chip  card  even  if  he  did 
not  have  a  bank  account.  An  Internet-based  EBT  disbursement  system  would  not  be  regional  limited 
but  would  use  the  ubiquitous  Ml  infrastructure. 

i.  hiternct-Based  Merchant  Terminals 

If  the  government  certified  an  Internet-based  chip  card  disbursement  scheme  for  transfer  payments 
to  citizens  over  the  Internet,  then  VeriFone,  as  well  as  other  vendors,  could  develop  merchant 
terminals  that  would  accept  both  private  sector  and  public  sector  Internet  payment  schemes.  Since 
the  development  of  Internet  merchant  terminals  has  not  begun  yet,  now  is  the  time  for  long-term 
planning  in  partnership  with  industry. 

4.  Business  Case  for  Internet-Connected  Merchant  Terminals 

The  possibility  that  Internet  consumers  could  use  their  Electronic  Wallet  and  chip  cards  to  make 
purchases  at  countertop,  AND  the  prospect  that  welfare  recipients  could  use  the  same  type  of 
Internet  chip  cards  to  receive  and  spend  EBT  "money",  should  be  sufficient  incentive  to  encourage 
merchants  to  "upgrade"  magnetic  stripe  terminals  to  chip  card-based  terminals.  The  "upgrade" 
would  include  connecting  these  merchants  directly  to  the  Internet.  In  this  way,  a  merchant  would  be 
able  to  accept  Internet-based  checks,  credit,  cash  and  government  transfer  payment  schemes,  as  well 
as  traditional  non-Internet  based  payment  schemes  based  on  magnetic  stripe  cards,  paper  checks  and 
Federal  Reserve  paper  notes.  A  striking  example  might  be  a  grocery  store  chain  willing  to  pay  for  the 
installation  of  Internet  EBT  kiosks  so  welfare  recipients  could  download  their  benefits  on  a  chip  card. 
At  the  grocery  store's  checkout  register  the  welfare  recipient  with  an  Internet  EBT  chip  card  and  a 
person  with  an  Internet  electronic  check,  electronic  cash,  or  credit  account  would  use  the  same 
terminal  to  initiate  an  Internet  payment 
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Statement  of  John  J.  Donegan 

Vice  President  of  Operations 

First  Virtual  Holdings,  Incorporated 

before  the 

Domestic  and  International  Monetary  Policy  Subcommittee 

House  Banking  and  Financial  Services  Committee 

regarding 

"The  Future  of  Money" 

June  11,  1996 


Chairman  Castle  and  Members  of  the  Subcommittee,  I  am  Dr.  John  J.  Donegan.  I 
currently  serve  as  Vice  President  of  Operations  of  First  Virtual  Holdings,  Inc.,  a  San  Diego, 
California-based  company  which  has  developed  one  approach  toward  providing  security  and 
authentication  of  payments  made  over  the  Internet.  First  Virtual  is  a  privately  held  corporation. 
We  have  been  providing  secure  financial  transactions  for  our  Internet  customers  since  October 
1994. 

First  Virtual  appreciates  this  opportunity  to  appear  before  the  Subcommittee  and  to 
participate  in  your  efforts  to  understand  the  legal  and  policy  issues  raised  by  the  emerging  world 
of  electronic  commerce.  This  exploration  will  truly  be  a  joint  venture  between  the  public  and 
private  sectors.  This  commercial  frontier  is  so  new,  and  its  ultimate  shape  so  open  to 
speculation,  that  much  effort  and  cooperation  by  everyone  will  be  required  to  map  out  the 
wilderness. 

EXECUTIVE  SUMMARY 

First  Virtual's  Internet  payment  system  came  on-line  in  October  1994.  We  have  our 
headquarters  in  San  Diego.  Our  scientific  team  includes  some  of  the  world's  leading 
Internet  experts. 

Since  1994  we  have  settled  nearly  200,000  transactions,  primarily  for  the  sale  of 
intellectual  property.  Today  we  serve  more  than  145,000  customers  and  1,800  merchants, 
located  in  more  than  140  countries.  We  believe  that  our  approach  toward  providing 
Internet  payments  security  is  generally  simpler  for  our  customers  than  competing 
alternatives.  Nevertheless,  all  electronic  commerce  systems  raise  complex  technical  issues. 

First  Virtual  is  unique  in  that  we  do  not  rely  on  encryption  to  assure  safe 
transmission  of  critical  payment  information.  Instead,  only  non-sensitive  information  travels 
on  the  Internet.  Our  buyer  feedback  system  is  based  upon  ordinary  E-mail,  the  lowest 
common  denominator  of  Internet  connectivity.  Our  customers  use  personal  identification, 
a  Virtual  PIN™,  which  is  useless  off-Net,  and  requires  E-mail  confirmation  for  on-Net  use. 
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Our  security  philosophy  is  to  keep  it  simple.  Our  security  system  is  process-based,  not 
technology-based.  While  our  security  system  is  not  cryptographic  we  are  not  opposed  to 
cryptography.  In  fact,  we  employ  it  in  many  ways.  We  consider  the  use  of  existing  Internet 
infrastructure  and  the  lack  of  need  for  distributed  software  to  be  an  asset.  We  do  not  claim 
that  our  system  is  invulnerable  to  attack.  But  we  have  simplified  our  security  challenge  by 
keeping  our  customers'  credit  card  numbers  off  the  Internet. 

Now  Is  the  time  for  Congress  to  inform  itself.  You  appear  to  understand  that 
pranature,  excessive  regulation  could  stifle  Internet  commerce.  We  agree  with  that.  We 
believe  that  a  survey  of  existing  law  and  regulations  will  reveal  that  most  electronic 
commerce  circumstances  can  be  adequately  addressed.  One  of  the  key  tasks  of  your 
Subcommittee  is  to  undertake  such  a  survey  of  existing  laws  and  regulations  which  apply 
to  new  financial  technology.  Only  after  evaluating  the  current  legal  landscape  should  new 
lawmaking  address  potential  problems  which  could  undermine  public  confidence.  Effective 
public  policy  will  reduce  risk,  not  merely  transfer  it.  Risk  should  be  both  minimized  and 
then  spread  across  multiple  protection  factors  so  that  a  breach  in  any  single  one  does  not 
result  in  catastrophic  failure  of  a  security  system.  There  are  two  general  policy 
recommendations  that  we  would  make  now. 

First,  ail  those  involved  in  Internet  commerce  must  educate  their  customers 
regarding  the  nature  of  the  Internet  and  the  available  means  for  resolving  commercial 
disputes  in  cyberspace.  First  Virtual  delivers  such  support  services  around  the  clock,  every 
day  of  the  week. 

Second,  the  banking  regulators  can  utilize  their  general  safety  and  soundness 
authority  to  encourage  financial  institutions  to  investigate  the  adequacy  of  security  provided 
by  payment  systems,  and  to  reevaluate  the  security  of  their  own  data  storage  and 
transmission  activities.  The  Federal  Reserve  took  a  positive  step  in  this  direction  in  its  May 
21st  Order  recognizing  that  Internet  banking  met  the  test  for  a  permissible  bank  holding 
company  activity;  and  that  banking  organizations  undertaking  such  services  must  analyze 
potential  risks  and  make  appropriate  provisions  for  the  protection  of  critical  data. 

Internet  payment  systems  such  as  First  Virtual  are  necessary  due  to  the  very  nature 
of  Internet  commerce.  Customer  and  merchant  authentication  must  be  provided.  The 
Internet's  technology  both  facilitates  commerce  and  erects  a  barrier  to  it.  Inevitable  service 
problems  make  it  impossible  for  consumers  to  differentiate  between  technical  failures  and 
fraud.  One  of  our  key  roles  is  to  mediate  and  resolve  such  problems  for  a  customer 
population  that  is  largely  new  to  computers  and  the  Internet. 

First  Virtual  is  not  a  banking  institution.  With  the  exception  of  Regulation  Z,  which 
governs  chargebacks,  we  are  not  subject  to  Federal  Reserve  regulations.  First  Virtual  does 
not  believe  that  Internet  payment  systems  should  be  subjected  to  bank-like  regulation.  But, 
as  the  Fed  has  recognized,  financial  institutions  should  not  attempt  to  conduct  business 
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through  electronic  systems  with  serious  security  flaws.  Their  mass  exploitation  by  criminal 
elements  could  seriously  retard  the  progress  of  electronic  commerce.  Maintaining  Internet 
site  security  is  critically  important.  At  the  same  time,  law  enforcement  agencies  should  be 
afforded  the  best  resources  to  deal  with  computer  criminals. 

There  are  areas  where  regulation  is  not  keeping  up  with  technology.  The  legal  system 
has  yet  to  realize  the  critical,  powerful  role  of  the  system  administrator  in  the  information 
society.  Like  other  firms  we  use  great  care  regarding  employee  hiring  standards,  and  utilize 
other  controls  to  prevent  unauthorized  use  of  account  information.  In  the  future,  system 
administrators  may  need  to  be  held  to  the  same  high  standards  as  other  trusted  individuals 
within  society.  Public  policy  makers  need  to  understand  the  potential  consequences  of 
security  system  failure  and  must  ask  what  has  been  done  to  bound  those  risks. 

In  all  current  legal  regimes  the  key  question  of  jurisdiction  is  largely  geography- 
based.  The  Internet  obliterates  geography  and  therefore  challenges  existing  practices.  It 
would  be  desirable  if  multinational  bodies  established  universal  standards  for  Internet 
commerce.  But  these  issues  raises  difficult  questions  of  sovereignty  and  differing  legal 
regimes.  Sorting  this  out  will  take  time.  In  the  interim,  we  believe  that  the  simplest  and 
most  secure  approaches  to  Internet  commerce  are  best.  As  First  Virtual  serves  businesses 
and  consiuners  around  the  globe  we  will  be  pleased  to  share  useful  data  and  insights. 

Not  everything  in  electronic  commerce  is  a  challenge  for  future  policy.  One  of  the 
most  exciting  aspects  of  Internet  commerce  is  the  hospitable  environment  it  affords  to 
entrepreneurial  microbusinesses.  Flexible  payment  systems  are  a  key  to  avoiding  haves  and 
have-nots  on  the  Net.  Our  payment  system  accommodates  the  smallest  companies.  One  can 
be  a  First  Virtual  merchant  without  meeting  the  more  vigorous  standards  of  the  established 
credit  card  networks.  The  only  cost  for  this  is  that  payment  is  delayed  in  recognition  of  the 
chargeback  period  established  by  Federal  law. 

First  Virtual  is  committed  to  Internet  commerce.  We  believe  it  is  inevitable  and  that 
its  potential  far  outweighs  its  threats.  Many  of  the  risks  described  in  our  testimony  are 
faced  by  our  company.  None  of  these  risks  are  new  and  many  people  are  working  on  their 
solutions.  We  are  committed  to  building  public  confidence  in  electronic  commerce  while 
maintaining  the  fundamental  soundness  of  the  financial  system.  We  do  not  have  any  neat 
and  simple  solutions  for  you.  But  we  are  willing  to  continue  a  dialogue  with  you,  your  staff, 
and  with  other  Members  in  the  quest  for  modem  laws  for  a  new  financial  age. 

My  Background 

First  Virtual  is  a  very  young  company,  and  I  have  only  recently  become  a  part  of  its 
team.  Most  of  my  career  was  spent  in  the  U.S.  Navy.  I  am  a  graduate  of  the  Naval  Academy 
and  later  received  a  doctorate  in  physics  from  the  Naval  Postgraduate  School.  My  engineering 
background  enabled  me  to  participate  in  the  Navy  High  Energy  Laser  Program,  the  AEGIS 
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shipbuilding  project  ~  where  I  led  the  combat  system  design  team  for  the  Arleigh  Burke  class 
destroyer-and  the  Strategic  Defense  Initiative.  In  June  1989  I  assumed  command  of  the  Naval 
Research  Laboratory  in  Washington,  DC,  and  later  that  year  was  promoted  to  the  rank  of  Rear 
Admiral.  In  January  1992  I  became  the  first  commander  of  the  Naval  Command,  Control  and 
Ocean  Surveillance  Center  in  San  Diego.  I  retired  from  the  Navy  in  1994.  That  same  year  I 
received  a  three  year  appointment  to  the  National  Research  Council  of  the  National  Academy 
of  Sciences.  Until  joining  First  Virtual  earlier  this  year  I  had  an  active  consulting  practice. 

I  will  describe  how  First  Virtual 's  approach  toward  Internet  payments  security  is 
generally  simpler,  from  a  customer's  perspective,  than  that  undertaken  by  others  in  the  field. 
Nevertheless,  all  electronic  commerce  systems  involve  issues  of  significant  technical  complexity. 
First  Virtual  felt  that  my  scientific  and  organizational  background  would  be  a  good  fit  with  their 
need  for  a  hands-on  director  of  operations.  In  my  short  time  with  First  Virtual  I  have  found  that 
the  tasks  involved  with  running  an  Internet  payments  security  firm  are  every  bit  as  challenging 
and  exciting  as  the  projects  I  worked  on  in  the  national  defense  arena. 

Company  History 

First  Virtual  was  formed  in  early  1994  to  facilitate  Internet  commerce.  The  genesis  of 
First  Virtual  was  a  chance  meeting  between  its  founder  and  CEO,  Lee  Stein,  with  Internet 
scientist  and  visionary  Einar  Stefferud  in  an  airport  lounge.  Mr.  Stein  was  intrigued  by  the 
scientist's  review  of  his  E-mail  using  a  wireless  link  from  a  laptop  computer,  and  they  continued 
their  discussion  of  this  technology  during  their  flight. 

Lee  Stein,  an  attorney  with  an  accounting  background,  had  been  a  very  successful 
Hollywood  business  manager.  His  original  vision  was  to  sell  a  joke  a  day,  for  a  penny,  on  the 
Internet.  When  he  realized  there  was  no  mechanism  to  pay  for  such  a  service.  First  Virtual  was 
bom.  Our  scientific  team,  in  addition  to  Mr.  Stefferud,  includes  Dr.  Nathaniel  Borenstein  and 
Dr.  Marshall  Rose,  all  widely  known  as  leading  Internet  scientists. 

During  its  early  days  First  Virtual  operated  as  a  truly  virtual  company  with  no  fixed 
headquarters  and  all  communications  between  its  far-flung  staff  accomplished  by  conference  call 
or  E-mail.  Using  this  process  a  fiiUy  capable  Internet  Payment  System  began  operation  in 
October  1994.  Fifteen  months  after  start-up  First  Virtual  did  set  up  a  central  administrative 
office  in  San  Diego,  but  even  today  our  principals  are  in  constant  transit  and  rely  heavily  on  E- 
mail  to  coordinate  company  management.  Our  experience  as  a  virtual  company,  and  many  of 
the  other  matters  covered  in  my  testimony,  are  described  in  greater  detail  in  the  document 
"Perils  and  Pitfalls  of  Practical  Cybercommerce/The  Lessons  of  First  Virtual 's  First  Year", 
which  I  am  submitting  for  the  hearing  record  as  a  supplement  to  this  statement. 

Since  1994  we  have  settled  over  184,000  transactions.  These  have  almost  all  been 
software,  documents,  or  other  intellectual  property  that  can  be  delivered  electronically.  Today, 
First  Virtual  has  grown  to  over  145,000  customers  and  over  1800  merchants  in  more  than  140 
countries.  This  year,  we  will  upgrade  our  system  to  permit  payments  for  goods  that  need  to  be 
physically  shipped  as  well  as  intellectual  property. 
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The  First  Virtual  Security  System 


First  Virtual 's  principal  difference  from  other  Internet  security  approaches  is  that  we  do 
not  rely  on  encryption  to  assure  safe  transmission  of  critical  payment  information.  Instead,  safety 
is  assured  by  enforcing  a  separation  between  non-sensitive  information,  which  is  sent  over  the 
Internet,  and  sensitive  credit  card  information,  which  is  never  on  the  Internet.  A  buyer  feedback 
system  is  built  upon  ordinary  E-mail,  the  lowest  common  denominator  of  Internet  connectivity. 

Very  simply,  our  system  works  like  this:  A  First  Virtual  customer  who  wishes  to  transact 
business  with  a  First  Virtual  merchant  sends  their  Virtual  PIN™  over  the  Internet.  The  merchant 
in  turn  transmits  a  document  containing  that  account  identifier  to  First  Virtual.  We  then  send  an 
E-mail  to  the  purchaser  asking  them  to  confirm  the  transaction.  Their  choices  for  answer  are 
"yes"  (I  want  it),  "no"  (I  changed  my  mind),  or  "fraud"  (I  did  not  place  the  order).  Only  when 
First  Virtual  receives  a  "yes"  is  a  credit  card  transaction  initiated.  That  transaction  proceeds 
through  the  existing  bankcard  processing  system.  In  our  system,  sensitive  and  exploitable 
payment  information,  such  as  credit  card  numbers,  are  never  stored  or  transmitted  on  the 
Internet. 

Unauthorized  interception  of  a  customer's  First  Virtual  pin  is  unattractive  because  it  is 
useless  off-Net,  and  requires  E-mail  confirmation  for  use  on-Net.  By  eliminating  the  need  for 
encryption  by  the  purchaser,  we  eliminate  the  need  for  a  software  distribution  system  and  for 
our  customers  to  install  additional  software.  Our  security  philosophy  is  to  keep  it  simple.  We 
rely  on  the  accepted  Internet  processes  and  add  no  additional  infrastructure  to  the  Net.  First 
Virtual' s  process  based  approach  to  Internet  payment  security  is  thus  fundamentally  different 
from  technology  based  solutions  being  utilized  or  proposed  by  most  other  entrants  to  this  field. 

General  Policy  Recommendations 

Mr.  Chairman,  we  would  generally  compliment  you  and  your  colleagues  for  your 
understanding  that  the  worst  thing  the  national  government  could  do,  vis-<i-vis  the  fledgling 
world  of  Internet  commerce,  is  to  stifle  or  distort  its  development  with  excessive  regulation. 
That  attitude  is  shared  by  such  key  agencies  of  government  as  the  Office  of  the  Comptroller  of 
the  Currency  and  the  Board  of  Governors  of  the  Federal  Reserve. 

In  our  opinion,  your  Subcommittee  has  the  correct  emphasis  for  the  government  at  this 
point  in  the  development  of  Internet  commerce.  You  are  informing  yourself  about  how  the  Net 
operates  and  how  various  parties  propose  to  facilitate  commerce.  You  are  asking  questions  about 
consumer  protection,  monetary  control,  financial  safety  and  soundness,  law  enforcement,  and 
all  of  the  other  key  public  policy  concerns  that  will  come  to  the  fore  as  Net  commerce  develops. 
We  are  pleased  that  you  are  taldng  this  course  of  action. 

We  appreciate  the  challenge  faced  by  those  charged  with  public  policy  responsibilities. 
You  do  not  want  to  take  actions  which  can  slow  the  growth  of  this  exciting  new  commercial 
sector  or  cause  it  to  develop  in  an  inefficient  manner.  But  you  do  not  want  to  ignore  the 
potential  problems  which,  if  not  addressed,  could  be  detrimental  to  Internet  commerce  by 
undermining  public  confidence.  Finding  the  right  balance  is  always  a  challenge.  We  at  First 
Virtual  are  extremely  confident  that  Net  commerce  will  be  a  major  factor  in  the  U.S.  and  world 
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economies  in  coming  years.  Fortunately,  that  growth  should  occur  at  a  reasonable  pace  which 
gives  the  public  sector  sufficient  lead  time  to  provide  the  proper  legal  and  regulatory  structure 
to  facilitate  healthy  development.  Oversight  and  education  should  remain  the  priorities  for  the 
time  being.  Subsequent  policy  decisions  will  be  easier  once  the  Net  has  had  more  time  to  mature 
into  a  commercial  marketplace. 

Focusing  first  on  insured  financial  institutions  and  their  customers,  we  do  have  two 
general  policy  recommendations  to  make  at  this  time.  Neither  one  requires  new  legislation,  as 
both  are  within  the  ability  of  the  banking  regulators  under  their  general  safety  and  soundness 
prerogatives,  as  well  as  their  ability  to  move  the  industry  by  moral  suasion. 

First,  those  involved  in  Internet  commerce  —  both  financial  institutions  and  new  payment 
systems  —  have  a  responsibility  to  educate  our  customers  about  the  Internet  and  the  means  we 
provide  for  resolving  problems  encountered  in  commercial  transactions.  First  Virtual  is  already 
pursuing  this  goal  by  deploying  a  Customer  Service  and  Support  organization  built  around 
proactive  monitoring  systems.  This  allows  First  Virtual  to  deliver  support  services  7  days  per 
week  and  24  hours  per  day.  Customer  Support  is  provided  by  electronic  mail,  fax,  and  an  800 
number  telephone  service.  Customers  also  have  access  to  numerous  self-help  reference  material 
at  First  Virtual's  web  and  ftp  sites.  In  addition,  Internet  mailing  lists  have  been  established  that 
facilitate  information  sharing  among  buyers  and  sellers. 

Second,  the  banking  regulators,  through  their  authority  to  maintain  safety  and  soundness, 
need  to  encourage  insured  institutions  to  investigate  the  adequacy  of  security  provided  by 
payment  systems,  and  to  simultaneously  reevaluate  the  security  of  their  internal  data  storage  and 
transmission  activities. 

The  Federal  Reserve,  in  its  May  21st  approval  of  Cardinal  Bankshares'  request  to 
engage  in  providing  Internet  banking  and  financial  services,  took  a  constructive  step  in  this 
direction.  The  Fed  is  to  be  commended  for  its  determination  that  Internet  banking  satisfies  both 
parts  of  the  closely  related  and  proper  incident  test  for  permissible  bank  holding  company 
activities.  The  Fed's  Order  is  instructive  in  that  it  recognized  that — 

-The  provision  of  banking  services  over  the  Internet  may  expose  financial 
institutions  and  their  customers,  information  and  transactions  to  electronic 
interception,  interference,  or  fraud. 

-No  software  or  security  system  can  provide  absolute  protection  against 
such  risks. 

-These  types  of  risks  are  already  present  for  traditional  banking 
operations. 

-Banking  organizations  undertaking  Internet  services  must  carefully 
analyze  potential  risks  and  evaluate  them  in  light  of  their  own  policies 
relating  to  the  security  of  customer  information  and  other  data. 


159 


-Such  analysis  and  evaluation  should  be  followed  by  the  implementation 
of  any  modifications  of  infonnation  security  procedures  and  controls  as 
are  necessary  or  appropriate  in  light  of  potential  risks. 

-Such  organizational  actions  can  substantially  mitigate  the  risk  of  unsound 
banking  practices. 

There  are  examples  of  existing  law  already  providing  a  framework  which  can  be  adopted 
to  the  operations  of  Internet  payment  service  providers.  Section  7(c)  of  the  Bank  Service 
Corporation  Act  requires  banks  to  notify  banking  regulators  within  thirty  days  that  they  have 
entered  into  a  contract  with  a  service  provider  for  activities  such  as  home  banking.  The  Act, 
while  not  rigorously  enforced,  also  subjects,  such  service  providers  to  examination  by  the 
regulators.  While  not  directly  applicable  to  an  entity  such  as  First  Virtual  -  since  our  contractual 
relationship  is  with  merchants  and  consumers  ~  it  is  nonetheless  an  attempt  by  existing  law  to 
bring  third  parties  within  the  safety  and  soundness  framework. 

Similarly,  the  Policy  Statement  on  EFT  Switches  and  Network  Services  issued  by  the 
Federal  Financial  Institutions  Examination  Council  (FFIEC)  alerts  boards  of  directors  and  senior 
management  to  the  risks  associated  with  switch  and  network  services  in  retail  electronic  funds 
transfer  systems.  While  the  policy  statement  is  primarily  aimed  at  automated  teller  machines 
(ATMs)  and  point  of  sale  (POS)  terminals,  it  does  refer  to  bill  payment  services.  The  FFIEC's 
concerns  include  contracts  which  fail  to  adequately  define  liabilities  and  responsibilities;  financial 
stability  of  the  switch  service;  system  failure  or  interruption;  and  audit  adequacy.  While 
covering  traditional  EFT  services,  the  examination  handbook  developed  by  the  FFIEC  has  not 
been  updated  to  provide  field  examiners  with  any  guidance  regarding  Internet  payment  systems. 
Here  is  a  situation  where  existing  laws  may  be  adequate  but  the  regulatory  structure  is  lagging 
behind  technology  and  the  marketplace. 

One  important  task  your  Subcommittee  could  undertake  is  a  comprehensive  survey  of 
existing  Federal  laws  and  regulations  which  apply,  or  may  apply,  to  new  financial  technologies 
and  their  utilization  by  both  bank  and  nonbank  financial  institutions  and  their  commercial  and 
individual  customers.  After  evaluating  the  current  landscape  in  terms  of  comprehensiveness, 
legal  uncertainties,  and  inconsistencies,  statutory  remedies  could  be  considered. 

A  second  area  of  general  policy  recommendations  is  security.  First  Virtual  believes  that 
payment  services,  such  as  ours,  will  not  need  to  be  subjected  to  bank-like  regulation.  As  the  Fed 
noted  in  the  Cardinal  Bankshares  illustration  above,  there  needs  to  be  a  healthy  respect  for  the 
technology  capabilities  and  limitations  to  promote  safety  and  soundness  in  systems  which 
facilitate  credit  card  utilization.  We,  and  you,  do  not  want  financial  institutions  and  their 
customers  transacting  business  via  electronic  systems  which  have  serious  security  flaws.  If 
criminal  elements  were  to  exploit  those  flaws  on  a  mass  scale  it  could  seriously  retard  the 
growth  of  electronic  financial  services  by  undermining  consumer  confidence,  and  could  trigger 
a  legislative  over-reaction  imposing  unnecessary  regulatory  burdens. 

It  is  impossible  to  overstate  the  importance  of  Internet  site  security.  We  will  continue 
to  employ  the  best  security  tools  that  are  available  in  the  industry  and  to  participate  in  security 
forums  and  teams.   We  use  proprietary  solutions  to  ensure  customer  privacy.  We  believe  that 
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those  breaking  into  computer  systems  are  committing  serious  criminal  acts  and  that  law 
enforcement  agencies  should  be  afforded  the  best  resources  available  to  combat  and  prosecute 
computer  criminals. 

Customer  education  and  dispute  resolution,  in  combination  with  appropriate  safety  and 
soundness  policies  from  the  banking  regulators,  will  do  much  to  assure  that  Internet  commerce 
develops  in  a  positive  manner  while  minimizing  the  need  for  premature  legislative  interference. 
As  public  policy  evolves,  it  should  strive  to  differentiate  between  true  reductions  of  risk  and 
mere  transfers  of  risk.  The  aim  of  public  policy  vis-i-vis  electronic  banking  and  payments 
systems  should  be  to  reduce  risk  to  the  minimum  attainable  level,  not  to  merely  shift  risk.  Risk 
should  be  both  minimized  and  then  spread  across  multiple  protection  factors  so  that  a  breach  in 
any  single  one  does  not  result  in  catastrophic  failure  of  a  security  system. 

Necessity  for  Internet  Payment  Systems 

One  question  you  may  have  asked  is  why  is  it  necessary  to  have  a  company  like  First 
Virtual  operating  between  consumers,  merchants,  and  the  traditional  financial  institutions?  Our 
answer  is  that  such  a  payment  system  is  a  necessity  due  to  the  very  nature  of  Internet  commerce. 
First,  a  mechanism  to  authenticate  identity  of  the  customer  to  the  merchant  is  a  necessary  service 
we  provide.  Second,  the  Internet  is  a  complex  set  of  technologies  and  services  that 
simultaneously  make  commerce  possible  yet  form  a  barrier  to  it. 

Service  problems  such  as  temporary  network  outages,  total  or  partial  communications 
failures,  and  subtle  software  incompatibilities  raise  consumer  issues.  A  key  point  one  needs  to 
understand  is  that,  from  the  consumer's  perspective,  it  is  impossible  to  differentiate  between  a 
technical  failure  which  prevents  a  merchant  from  delivering  paid-for  merchandise  or  providing 
a  notice  of  non-delivery  and  refund,  and  an  unscrupulous  merchant  engaging  in  fraud. 
Consumers  expect  an  Internet  commerce  system  to  mediate  and  resolve  these  problems. 
Theoretically,  traditional  financial  institutions  could  provide  that  mediation.  But,  practically,  few 
have  the  technical  expertise  to  do  so. 

Our  technical  team  has  encountered  literally  hundreds  of  bugs  that  represent  non- 
conformance of  existing  and  newly  deployed  Internet  products  and  services  with  Internet 
standards  and  practices.  Our  "Lessons"  paper  provides  many  examples  of  these  technical 
challenges.  Eventually,  the  marketplace  should  move  to  a  far  higher  level  of  software 
interoperability.  But,  even  then,  problems  wDl  arise  due  to  the  lack  of  experience  or  technical 
know-how  of  many  consumers  using  the  Internet.  For  example,  nearly  one  third  of  all  Internet 
users  make  a  mistake  when  asked  to  type  in  their  email  address! 

With  the  Internet  population  growing  rapidly  each  year,  we  assume  that  a  large 
proportion  of  our  customer  base  may  not  have  even  a  basic  understanding  of  how  their 
computers  or  the  Internet  operates.  Adding  the  fact  that  Internet  commerce  systems  are 
inevitably  international,  a  significant  proportion  of  users  will  have  a  limited  command  of 
English.  For  the  foreseeable  future,  the  job  of  an  Internet  payment  system  will  consist  in  equal 
parts  of  providing  a  means  for  security  and  authentication,  while  at  the  same  time  helping  our 
customers  distinguish  between  technical  problems  and  fraud. 
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Microbusiness  and  Micropayments 

One  of  the  most  entrepreneurial  aspects  of  Internet  commerce  is  that  it  permits 
participation  of  individuals  and  businesses  who  are  excluded  from  nonelectronic  commerce. 
Today  a  business  with  a  unique  product  or  valuable  data  is  limited  by  a  number  of  factors.  These 
include  the  cost  of  advertising  or  otherwise  making  that  portion  of  the  public  who  may  have  an 
interest  in  them  aware  of  their  existence  and  their  goods  and  services.  There  are  also  the  costs 
of  finding  wholesale  distributors  and  retail  outlets. 

The  Internet  is  uniquely  suited  to  surmounting  these  barriers,  particularly  in  regard  to 
information  services.  It  is  relatively  easy  and  inexpensive  for  a  business  to  post  a  notice  of  their 
product  or  service  on  a  newsgroup  bulletin  board  frequented  by  potential  customers,  or  to 
establish  a  page  on  the  World  Wide  Web  that  can  be  easily  found  by  any  of  the  numerous  Web 
search  engines.  Information  services,  of  course,  require  no  warehousing  other  than  storage  on 
a  server  hard  drive,  and  hard  goods  can  be  kept  at  a  central  location  and  distributed  once  an 
order  is  placed.  Valuable  services  targeted  to  a  specialized  but  geographically  dispersed  client 
base  are  commercially  viable  in  the  world  of  electronic  commerce. 

The  First  Virtual  payment  system  accommodates  these  electronic  entrepreneurs.  While 
we  have  established  relationships  with  firms  that  qualify  for  a  VISA  or  MasterCard  merchant 
account,  we  can  also  facilitate  payments  to  small  startups  who  would  not  so  qualify.  The  only 
difference  is  that  payment  to  such  micro-merchants  is  held  for  91  days  in  recognition  of  the 
"chargeback"  period  established  by  Regulation  Z.  This  hold  period  eliminates  the  need  to  screen 
microbusinesses  for  merchant  account  level  creditworthiness. 

Many  of  the  transactions  with  First  Virtual  merchants  are  for  relatively  small  amounts 
in  payment  for  various  forms  of  intellectual  property.  We  believe  that  the  costs  of  a  central 
server  with  high  requirements  for  availability  and  reliability  will  limit  its  utility  for  the  very 
smallest  of  transactions  (those  which  are  smaller  than  minimal  card  transaction  fees).  However, 
microbusinesses  seeking  micropayments  can  surmount  this  obstacle  by  aggregating  transactions 
and  then  submitting  a  single  larger  payment  request. 

Cryptography  and  Digital  Commerce 

While  First  Virtual's  security  system  is  non-cryptographic  we  are  not  philosophically 
opposed  to  the  use  of  cryptography.  We  employ  cryptography  in  communications  with  our 
merchants.  We  use  digital  signatures  to  authenticate  the  origin  of  information.  We  have  given 
a  great  deal  of  thought  to  this  subject  and  would  like  to  share  three  examples  that  may  be  useful 
in  shaping  prudent  public  policy: 

-  Earlier  this  year,  we  demonstrated  to  many  leading  technical  and  financial 
organizations,  including  the  Computer  Emergency  Response  Team  (CERT)  and  the  American 
Bankers  Association  (ABA),  that  it  was  possible  to  create  a  computer  program  which  could  be 
spread  on  the  Internet  and  which  could  install  itself  in  individual  computers.  This  program  could 
recognize  credit  card  numbers  as  they  were  being  typed  into  a  computer  in  the  instant  before 
they  were  encrypted,  and  could  then  transmit  those  numbers  in  outgoing  Internet  transmissions 
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for  delivery  to  an  anonymous  location  such  as  a  newsgroup.  Software-based  encryption  could 
be  vulnerable  to  such  attacks.  We  do  not  claim  that  our  security  system,  because  it  is  not 
encryption-based,  is  not  vulnerable  to  attack.  But  we  do  believe  that  we  have  greatly  simplified 
our  maintenance  of  security  by  keeping  credit  card  numbers  off  of  the  Internet. 

-  The  current  credit  card  and  ATM  systems  are  closed  systems.  The  Internet  is  an  open 
network  environment  which  lacks  the  safeguards  of  closed  systems  and  which  permits  anyone 
to  have  anonymous  access.  The  credit  card  industry's  security  detection  systems  are  designed 
to  detect  an  unusual  pattern  of  transactions  on  a  single  account,  whereas  Internet-abetted  credit 
card  fraud  could  involve  single  fraudulent  transactions  on  thousands  of  accounts. 

-  The  system  administrator  has  become  one  of  the  most  powerful  people  in  the 
information  society,  with  the  ability  to  read  files  and  mail  and  to  potentially  act  without 
integrity.  First  Virtual,  like  most  companies,  is  very  careful  with  respect  to  the  employees  we 
hire.  We  also  maintain  controls  through  software  design,  security  systems,  and  accounting 
procedures  to  prevent  unauthorized  access  to,  or  use  of,  user  account  information.  It  is  possible 
that,  despite  such  safeguards,  an  employee  could  divert  users'  funds.  In  the  future  it  could  be 
necessary  for  system  administrators  in  payment  systems  to  meet  the  same  fiduciary  standards  as 
bankers  and  other  trusted  individuals.  The  legal  regime  has  yet  to  recognize  their  critical  role 
in  information-based  systems. 

First  Virtual  is  committed  to  Internet  commerce.  We  believe  it  is  inevitable  and  that  its 
potential  far  outweighs  its  threats.  Many  of  the  risks  described  in  the  examples  above  are  faced 
by  our  company.  None  of  these  risks  are  new  and  many  people  are  working  on  their  solutions. 
But  we  believe  we  have  greatly  reduced  our  risks  by  keeping  credit  card  numbers  off  the  Internet 
and  by  storing  all  of  our  customer  and  merchant  data  in  an  off-Net  computer  behind  strong 
firewalls. 

Public  policy  makers  must  become  familiar  with  and  evaluate  the  systemic  safety  and 
soundness  risks  of  all  developing  systems  for  Internet  banking  and  payments.  What  are  the 
potential  consequences  of  security  system  failure  and  what  steps  have  been  taken  to  bound  those 
risks?  They  must  inquire  how  well  both  insured  and  nonbank  financial  institutions  understand 
these  risks,  and  to  what  extent  they  have  informed  their  customers  and  provided  instruction 
regarding  safeguards  and  precautions.  In  short,  responsible  public  policy  makers  will  not  use 
these  risks  as  an  excuse  to  stifle  Internet  commerce.  But  neither  will  they  turn  a  blind  eye  and 
rely  on  hope  as  the  only  preventative  measure. 

International  Considerations 

It  has  quickly  become  a  clich6  to  say  that  there  is  no  geography  on  the  Internet.  But,  like 
most  cliches,  it  is  true.  The  Internet  simply  obliterates  geogrsq>hy.  I  can  transact  business  at  any 
hour  of  the  day  or  night  with  any  party  located  anywhere,  and  we  can  do  this  for  the  price  of 
a  local  phone  call  so  far  as  communication  costs  are  concerned. 

All  current  legal  regimes  are  geography-based.  The  first  question  asked  when  a  contract 
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is  in  dispute  or  a  crime  has  been  committed  is  who  has  jurisdiction,  which  is  primarily  a 
question  about  geographic  location.  But  in  Internet  commerce  that  can  be  a  very  difficult 
question  to  answer. 

It  would  be  desirable  if  universal  standards  and  approaches  applicable  to  Internet 
commerce  were  agreed  upon  by  multinational  lawmaking  bodies.  It  would  be  preferable  if 
international  banking  and  law  enforcement  authorities  quickly  established  parameters  for 
determining  who  was  responsible  for  regulating  international  electronic  commerce  and  for 
prosecuting  misdeeds.  But  discussions  of  these  issues  quickly  raise  issues  of  national  sovereignty 
and  differing  legal  regimes  which  are  difficult  to  resolve.  The  reality  is  that  it  will  probably  be 
many  years  before  international  authorities  even  agree  on  what  the  potential  problems  are,  much 
less  how  they  should  be  resolved. 

In  this  environment  we  believe  that  the  simplest  approach  to  Internet  payments  ~  the 
approach  which  is  least  vulnerable  to  attack,  breakdown,  or  misunderstanding  ~  may  be  the  best 
approach.  In  spite  of  the  fact  that  we  have  not  actively  sought  an  international  presence,  First 
Virtual  has  merchants  and  customers  in  every  comer  of  the  globe.  In  the  future  we  will  be 
working  to  grow  in  this  area.  As  we  learn  from  our  own  experience  of  operating  on  this  world- 
wide basis  we  would  be  pleased  to  share  useful  data  and  insights  with  you. 

Conclusion 

Mr.  Chairman,  we  appreciate  this  opportunity  to  appear  before  the  Subcommittee  today. 
We  commend  you  for  your  commitment  to  gain  a  full  understanding  of  the  public  policy  issues 
raised  by  new  financial  technologies,  and  to  your  quest  for  a  regulatory  regime  which  recognizes 
challenges  without  stifling  commerce. 

First  Virtual's  approach  to  Internet  payment  security  has  been  derided  by  some  as  low- 
tech  and  boring.  Bankers  are  often  maligned  for  being  boring,  and  they  often  take  it  as  a 
compliment.  History  shows  that  exciting  bankers  often  precipitate  financial  catastrophes. 

Our  highly  sophisticated  team  of  Internet  experts  made  a  deliberate  decision  to  design  a 
workable  system  that  exploited  the  existing  Internet  structure.  It  may  not  be  as  technologically 
elegant  as  some  other  approaches  to  Internet  commerce.  But  it  works. 

In  our  company's  short  history  we  have  encountered  a  wide  variety  of  business  and 
technological  challenges.  They  in  turn  have  given  us  a  keen  appreciation  of  the  challenges  faced 
by  lawmakers  who  seek  to  preserve  the  United  States'  commercial  success  while  maintaining  the 
fundamental  soundness  of  the  financial  system.  We  do  not  have  any  neat  and  simple  solutions 
for  you.  But  we  are  willing  to  continue  a  dialogue  with  you,  your  staff,  and  with  other  Members 
in  the  quest  for  modem  laws  for  a  new  financial  age. 

I  would  be  pleased  to  answer  any  questions. 
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Introduction 

Representative  Castle  and  Members  of  the  Subcommittee,  I  appreciate  the  invitation  to 
testify  today  at  your  hearings  on  how  developments  in  new  information  technologies  may  affect 
payment  systems  in  the  United  States  and  abroad. 

These  are  very  important  matters  not  only  for  financial  services  firms,  government 
regulators,  and  the  Congress  but  also  for  the  average  American  consumer,  who  will  be 
encountering  over  the  next  5-10  years  what  promises  to  be  a  revolutionary  expansion  of  new 
financial-services  tools  and  options. 

These  technology-industry-society  issues  are  matters  that  I  have  been  tracking,  consulting 
on,  and  writing  about  for  four  decades.  They  are  also  key  issues  covered  regularly  by  Privacy  & 
American  Business,  the  national  newsletter  that  I  publish.  (I  have  put  a  copy  of  my  Privacy  Bio 
in  the  Appendix  to  this  statement,  to  indicate  the  range  of  experiences  that  I  bring  with  me  today, 
and  also  a  story  from  the  American  Banker  that  reports  on  a  speech  of  mine  addressing  these 
issues,  at  the  recent  Card  Tech/Secure  Tech  national  conference  in  Atlanta.) 

I  was  asked  to  address  two  issues  at  this  hearing: 

1 .  What  are  the  issues  of  privacy  and  personal  data  protection  that  will  arise  as  payment 
systems  move  into  an  era  of  money  cards,  smart  cards,  biometric  identifiers,  Internet  commerce, 
and  the  World  Wide  Web;  and 

2.  How  should  the  U.S.  financial  industry  and  the  U.S.  government  approach  these  issues 
in  light  of  the  European  Union's  new  Data  Protection  Directive?  Are  we  headed  on  a  collision 
course  between  the  U.S.  and  European  approaches  to  privacy  protection  in  financial  services  — 
and  many  other  fields? 

1.  Privacy  Issues  in  the  New  Payment  Systems 

Earlier  this  year,  tiie  New  York  Academy  of  Sciences,  with  a  grant  fi'om  the  Sloan 
Foundation,  held  a  four-evening  series  of  meeting  on  "Technology  and  Finance."  I  prepared  a 
paper  for  this  series  on  "Privacy  and  Security  Issues  in  the  Emerging  World  of  Electi:onic 
Financial  Affairs."  I  have  reproduced  the  paper  in  the  Appendix  to  my  testimony,  since  it 
presents  as  compactiy  as  I  know  how  to  do  the  issues  that  I  think  this  Subcommittee  wants  to 
cover  in  its  inquiry. 

Here  are  the  main  points  that  will  be  found  in  my  analysis: 

A  Baseline  Analysis  of  Privacy  and  Security  in  Financial  Affairs 

A.  Financial  transactions  have  always  been  considered  highly  sensitive  by  consumers, 
and  financial  institutions  are  expected  to  be  trustees  for  confidentiality. 
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B.  Reflecting  this  sensitivity,  both  banking  traditions  and  legal  rules  have  placed  strong 
duties  of  confidentiality  on  financial  institutions,  but  have  never  treated  customer  information  as 
absolutely  privileged. 

C.  Until  now,  advances  in  information  technology  have  not  upset  society's  desired 
balances  between  privacy-confidentiality  and  disclosure/surveillance  in  financial  affairs. 

D.  Similarly,  information-technology  developments  of  the  past  four  decades  have 
changed  the  environment  of  security  in  financial  affairs  but  not  the  basic  issues  or  organizational 
approaches. 

E.  However,  financial  privacy  issues  remain  part  of  the  American  public's  overall  strong 
concern  about  loss  of  privacy  and  the  public's  clear  desire  for  better  privacy  protection,  and  this 
will  be  a  major  consumer-rights  issue  in  the  next  decade. 

Emerging  Threats  To  Individual  Financial  Privacy  Interests 
The  rise  of  target-marketing  as  the  driving  force  in  consumer  banking,  the  movement  of 
personal  financial  transactions  online  and  on  the  Internet  (without  accepted  standards  or  legal 
protections  on  tracking  and  capture),  the  breakdown  of  boundaries  between  traditional  financial 
services  in  banking  and  other  investment  services,  and  the  spread  of  smart  cards  with  extensive 
stored  information  exemplify  the  trends  that  raise  important  privacy  issues. 

Senior  managements  of  financial  institutions  must  step  up  to  the  need  to  develop  and 
publicly  issue  new  privacy  poUcies  for  these  settings.  The  paper  describes  forces  that  may  propel 
senior  managements  to  take  up  such  actions  soon. 

Emerging  Threats  to  Society  From  New  Privacy-Enhancing  Technologies 
Developments  such  as  anonymous  online  transactions,  encryption,  and  electronic  purses 
offer  exciting  new  opportunities  to  facilitate  consumer  privacy.  But  they  also  threaten  to  inhibit  if 
not  frustrate  the  legitimate  work  of  financial-system  regulators,  tax  authorities,  and  law 
enforcement  agencies.  The  answers  lie  in  piu-suing  a  combination  of  technology  measures  and 
policyAegal  controls  that  can  preserve  the  needed  balance. 

Conclusion:  Thought  and  Effort  Will  Be  Needed  to  Continue  the  U.S.  Balance  of 
Privacy  Protection  With  Other  Vital  Social  Interests 

We  are  in  the  stage  of  problem-recognition  and  early  alarms  over  new-technology  threats 
to  privacy/security  and  other  vital  social  interests  in  the  operation  of  electronic  financial  affairs. 
As  with  earlier  adaptations  to  information-technology  applications,  we  need  to  explore  new 
standards,  and  the  combination  of  voluntary  measures  and  legal  frameworks  that  will  be  required 
to  install  these  effectively. 

Since  my  analysis  of  these  themes  is  presented  in  detail  in  the  Appendix,  let  me  draw  an 
overall  conclusion  that  seems  germane  to  these  hearings  today: 
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In  my  view,  no  miyor  new  financial-privacy  legislation  or  new  regulatory-agency 
powers  are  needed  or  would  be  usefiii  at  this  time  to  augment  the  existing  (and  extensive) 
body  of  privacy-protection  laws  and  agency  rules  that  cover  consumer  financial  services. 

There  are  amendments  to  the  Federal  Fair  Credit  Reporting  Act  pending,  to  strengthen 
fair  information  practices  protections  for  consumers,  that  I  think  would  be  very  helpful  for 
Congress  to  adopt.  However,  I  think  it  would  be  premature  and  unjustified  by  any  present  record 
of  harm  to  consumers  for  Congress  to  attempt  to  legislate  now  in  areas  such  as  money  cards, 
smart  cards,  or  Internet  commerce. 

Rather,  I  think  Congress's  key  role  is  to  monitor  developments  in  these  new-technology 
applications  as  they  unfold  in  the  financial  services  sector  over  the  next  3-5  years,  and  to  hold  a 
"watching  brief  on  behalf  of  consumer  privacy  while  it  does  so. 

In  this  regard.  Congress  could  usefully  track  experiences  with  the  voluntary  privacy 
policies  and  procedures  for  global  consumer-financial-information  transactions  that  are  being 
adopted  by  leading  financial  services  companies  (such  as  American  Express  and  Citicorp). 
Congress  can  also  keep  informed  about  the  issuance  —  and,  hopefully,  the  wide  adoption  —  of  the 
consumer  -privacy  guidelines  recently  issued  by  key  financial-industry  associations  (such  as 
VISA,  MasterCard,  the  Smart  Card  Forum,  etc.)  and  for  the  handling  of  financial  transactions  in 
the  online  world  (by  the  Interactive  Services  Association,  the  Direct  Marketing  Association,  and 
others). 


2.  U.S.-E.U.  Relations 

Let  me  turn  next  to  the  second  area  of  discussion:  potential  U.S.  conflicts  with 
implementation  of  the  European  Union's  Data  Protection  Directive. 

I  know  the  Subcommittee  is  aware  of  the  substantive  provisions  of  the  Data  Protection 
Directive,  and  its  key  requirement  that  any  company  from  outside  the  EU  that  wishes  to  transfer 
personal  information  about  an  EU  citizen  outside  the  EU  must  either 

1 .  be  taking  those  data  to  a  country  whose  privacy  regime  is  judged  to  have  "adequate" 
data  protection  (based  on  the  EU  concepts)  or 

2.  the  company  must  demonstrate  in  other  ways  that  its  operations  meet  the  EU's  Data 
Protection  standards. 

How  should  U.S.  business  and  Congress  approach  this  requirement? 
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Let  me  offer  a  series  of  observations  and  judgments  that  frame  my  thinking  on  this 
important  issue: 

1.  First,  the  national  data  protection  laws  adopted  by  13  of  the  15  European  nations  over 
the  past  two  decades  -  whose  approaches  are  reflected  in  the  "human  rights"  focus  and  many 
key  provisions  of  the  EU  Data  Protection  Directive  --  represent  a  fine,  authentic  expression  of 
European  social,  political,  and  legal  culture.  These  are  actions  that  should  cheer  the  hearts  of 
believers  in  privacy  and  freedom  wherever  they  reside  and  vote.  If  I  were  French,  or  German  or 
Swedish,  I  would  have  advocated  and  worked  for  passage  of  these  laws. 

Especially  given  the  misuse  of  records  and  information  that  marked  Nazi  practice  at 
home  and  then  across  Europe,  the  legalizing  of  privacy  values  and  institutionalizing  of  privacy 
protection  in  these  European  nation  is  something  that  every  friend  of  European  democracy 
should  welcome. 

2.  Second,  each  European  nation  and  the  European  Union  as  a  community  has  every  legal 
and  moral  right  to  prescribe  how  non-European  companies  or  other  organizations  handle  the 
personal  information  they  collect  on  consumers,  employees,  or  citizens  within  a  European  nation. 
We  insist  on  no  less  protection  for  American  citizens  when  foreign  corporations  come  to  do 
business  here,  and  we  enforce  our  equal  employment  opportunity  laws,  occupational  safety  and 
health  laws,  consumer-protection  measures,  and  tax  laws  in  just  that  fashion.  And,  we  think  it 
right  to  use  our  standards  of  judgment  as  to  what  complies  with  our  laws.  (We  would  hardly 
regard  it  as  appropriate  for  the  Iranian  interpretation  of  women's  rights  to  be  used  to  define  what 
an  Iranian  firm  operating  in  the  U.S.  could  or  could  not  do  in  employment  practices  in  complying 
with  U.S.  laws  against  sex  discrimination.) 

3.  However,  when  it  comes  to  the  processing  by  non-European  firms  of  personal 
information  about  European  consumers  outside  Europe  ~  either  in  data  processing  centers  in  the 
U.S.  or  other  nations,  or  along  online  and  Internet  channels  -  issues  of  international  comity  and 
the  free  flow  of  information  and  trade  enter  the  picture. 

For  nations  that  have  legally  defined  data  protection  as  a  human  right,  however,  comity 
and  the  fostering  of  information  and  trade  flows  become  considerations  that  are  relevant  but  not 
controlling.  The  key  issues,  it  seems  to  me,  are: 

•  how  to  identify  the  elements  of  the  European  Union's  data  protection  scheme  that 

deserve  to  be  considered  fundamental  (and  not  to  be  ignored  as  unessential)  and 

•  how  to  develop  criteria  for  assessing  how  well  organizations  from  non-EU  nations  that 

want  to  process  EU-nationals'  data  outside  their  countries  meet  those  criteria. 

4.  This  assessment  needs  to  be  done,  of  course,  with  the  same  understanding  of  the 
distinctive  U.S.  legal,  political,  and  social  culture  -  when  applied  inside  the  United  States  -  as 
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thoughtful  Americans  have  applied  to  the  different  European  traditions  and  experiences  that 
produced  the  European  data  protection  laws. 

Privacy  approaches  in  the  U.S.  have  been  a  product  of  the  following,  well-recognized 
fundamental  elements  in  our  national  life: 

•  the  basic  distrust  of  government  and  emphasis  on  individual  rights  and  choices  on 

which  our  country  was  founded; 

•  the  immense  importance  of  the  First,  Fourth,  and  Fifth  Amendments  in  our  Bill  of 

Rights  in  framing  the  ways  we  define  and  implement  privacy  rights  and 
information-handling,  and  how  our  courts  balance  those  rights  with  other 
compelling  social  interests; 

•  the  strong  states-rights  component  of  our  federal  system; 

•  the  high  status  given  to  individually-generated  litigation  and  court  rulings  as  a  powerful 

remedy  for  perceived  harm; 

•  our  selection  of  industry  sectors  for  concrete  and  tailored  legislative  action  and 

area-expert  regulatory  agency  supervision  (on  privacy  and  many  other  matters), 
rather  than  adopting  multi-industry  or  nationwide  interventions; 

•  a  major  popular  preference  for  voluntary  privacy  policies  and  actions  by  business  and 

non-profit  organizations  over  legislative  solutions,  unless  such  voluntary  actions 
are  seen  as  insufficient,  or  in  need  of  legal  reinforcement; 

•  the  powerful  role  of  the  media  in  the  U.S.  in  exposing  misconduct  or  abuses  by 

businesses  or  government,  and  the  actions  that  business  and  government  leaders 
take  to  either  avoid  media  thunderbolts  or  to  correct  mistakes  when  they  become 
public  embarrassments; 

•  the  profound  commitment  of  the  American  people  to  market-based  solutions  and 

private  choices  by  individual  consumers  about  alternative  privacy  policies, 
wherever  these  are  meaningfully  afforded; 

•  and  a  general  sense  that  if  technological  methods  can  be  found  to  let  people  set  their 

own  different  boundaries  and  balances  of  privacy,  this  would  be  a  preferred 
solution,  given  the  wide  variation  in  privacy  concerns  and  preferences  from 
individual  to  individual  that  solid  survey  research  shows  to  be  the  continuing 
situation  in  the  U.S. 
To  list  these  deep-seated  outlooks  in  U.S.  life  is  to  understand  why  privacy  policies  in  the 
U.S.  have  developed  as  they  have,  and  also  why  -  as  an  overall  system  -  this  remains  responsive 
to  the  wishes  of  the  American  public. 

5.  There  are,  of  course,  individuals  and  groups  in  the  U.S.  who  do  not  support  some  of 
these  social,  political,  and  legal  characteristics  of  the  recent  and  current  American  political 
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system,  and  who  look  longingly  at  the  legal  and  administrative  approaches  toward  privacy 
adopted  in  Europe.  They  have  every  right  under  our  Constitution  and  traditions  to  feel  and  say 
so.  But  when  issues  of  international  comity  are  involved,  it  is  the  dominant,  authentic,  and 
sustained  policies  and  philosophies  of  such  nations  that  are  examined,  and  their  effects 
exsunined. 

6.  But,  how  to  apply  the  standards  the  EU  drafted  between  1990  and  1995  to  the  policies 
of  other  nations  in  1996-98  turns  out  to  be  a  very  arduous  matter.  This  is  because  the  worlds  of 
computing  and  telecommunications  (and  their  applications  to  daily  life)  have  been  undergoing 
revolutionary  transformations  since  the  EU  Data  Protection  Directive's  formulation  and  adoption. 

Many  of  the  EU  Directive's  provisions  respond  to  what  is  known  as  third-generation 
computer  systems  —  large  organizations  having  expensive  and  huge  computer  main  frames, 
hundreds  to  thousands  of  non-intelligent  ("slave")  Terminals,  limited  online  communication 
channels  capable  of  being  closely  monitored,  and  central  managers  of  such  data  processing 
facilities  to  set,  surveil,  and  enforce  uniform  data  practices  by  each  system  user.  Registration  of 
"data  systems"  and  designation  of  a  "responsible  keeper"  for  each  of  these  was  a  sensible 
response  in  Europe,  within  its  administrative  traditions,  to  late  1960's  to  1980's  technology 
developments. 

But  we  live  in  1996  in  a  world  with  millions  of  expensive  and  huge  main  frames  but  also 
hundreds  of  millions  of  small  and  inexpensive  computers  with  local,  independent  intelligence, 
widely  distributed  down  to  the  home  level,  and  with  hundreds  of  various  communication 
channels  in  each  country  along  which  voice  and  data  communications  flow  each  day.  Should 
each  of  these  desktop  as  well  as  large-scale  computers  with  personally-identified  records  in  them 
be  registered  and  a  legally-responsible  keeper  inscribed  by  law? 

And,  to  ask  how  the  EU  Directive  (or  any  regime  of  privacy  standards)  can  be  applied  to 
the  sending,  exchanging,  and  collecting  of  personally-identified  records  into  and  out  of  a  nation 
along  the  Internet  is  to  realize  just  how  knotty  are  the  issues  that  lie  ahead  for  Europeans  and 
Americans  alike. 

What  these  realities  suggest  is  that  Europe  -  just  as  the  U.S.  and  Canada  ~  will  need  to 
rethink  and  re-engineer  I960's-1990's  privacy  and  data  protection  values  and  mechanisms  to 
reflect  the  new  information  environments. 

What  do  I  conclude  from  this  review? 

1 .  The  U.S.  as  a  nation  in  the  late  1990's  should  be  developing  new  organizational 
policies,  technological  tools,  and  public  policies  (by  appropriate  governmental  actions)  to 
enhance  our  definitions  of  privacy  and  fair  information  practices  -  in  ways  that  respond  to  U.S. 
social,  political,  and  legal  cultures  and  preferences. 
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My  judgments  here  are  informed  by  a  project  that  Privacy  tSt  American  Business 
organized  earlier  this  year  and  will  be  continuing  in  1997--98.  We  call  this  the  Global  Business 
Privacy  Policies  Project.  It's  two  areas  of  inquiry  and  action  are  the  increasing  globalization  of 
privacy  and  data  protection  rules  (of  which  the  EU  Data  Protection  Directive  is  probably  the 
most  important  step)  and  the  issue  of  how  to  define  and  protect  privacy  in  cyberspace  (covering 
the  online  and  Internet  worlds). 

The  Project  has  a  Corporate  Steering  Committee  presently  of  25  members,  who  are 
among  the  most  pro-active  U.S.  companies  and  industry  associations  on  privacy  issues.  These 
include:  AT«&T  and  AT&T  WoddNet,  America  Online,  American  Express,  Buyer's  Choice/The 
Polk  Company,  Citicorp,  Coalition  of  Service  Industries,  CyberCash,  Direct  Marketing 
Association,  Dun  &  Bradstreet,  Equifax,  First  Data  Infosource,  First  U.S.A  Bank,  Household 
International,  Interactive  Services  Association,  International  Association  for  Human  Resources 
Information  Management,  MasterCard  International,  MCI  Communications,  Prudential 
Insurance,  The  Polk  Company,  Reader's  Digest,  State  Farm  Insurance  Companies,  TransUnion, 
TRW,  US  WEST,  and  VISA  USA. 

The  Project  also  has  a  U.S.  Privacy  Experts  Group,  which  I  co-chair  with  Ronald  Plesser, 
of  Piper  &  Marbury.  Its  members  are  also  among  this  nation's  leading  specialists  on  privacy 
issues,  and  include  Robert  R.  Belair,  Russell  G.  Pipe,  Fred  Cate,  Mary  J.  Culnan,  Robert 
Gellman,  Paula  J.  Bruening,  Joel  Reidenberg,  Janlori  goldman,  Anne  W.  Branscomb,  and  H.  Jeff 
Smith. 

The  Project  has  an  active  research  agenda,  which  includes  collecting  information  on  how 
U.S.  firms  have  handled  their  employment  and  personnel  data  under  European  data  protection 
laws;  how  contracts  to  comply  with  European  laws  have  been  negotiated  by  firms  seeking  trans- 
border  data  transfer  authorization;  and  how  privacy  might  be  added  to  existing  consumer  dispute- 
resolution  programs  in  15-20  U.S.  industries. 

We  will  also  be  conducting  a  representative  national  survey  of  computer  users  in  the 
U.S.,  both  those  presently  online  and  using  the  Internet  and  those  not  yet  doing  so.  This  will 
explore  what  online  and  Internet  users  use  these  services  for  presently,  what  kinds  of  privacy 
issues  they  see  developing,  what  technological  tools  they  would  like  to  have  to  allow  them  to 
control  better  how  their  information  is  collected  or  used,  and  what  kinds  of  system  policies  and 
safeguards  they  feel  would  strike  the  right  balances  between  anonymity,  privacy, 
communication,  and  commerce  in  the  online  world. 

Finally,  we  will  be  holding  on  October  8-10  in  Washington,  D.C.  a  national  conference 
that  will  go  thoroughly  into  the  EU  Data  Protection -U.S.  and  Canada  relationships  and  issues,  as 
well  as  the  privacy -in-cyberspace  arena. 
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•  Where  we  need  strong  new  privacy  legislation  ~  as  almost  everyone  thinks  we  do  in 

the  health  information  field  -  we  should  not  hesitate  to  formulate  and  adopt  this. 

•  If  we  think  a  national  privacy  protection  agency  with  powers  like  that  of  a  European 

Data  Protection  Commission  would  be  good  for  America,  we  should  consider  this 
~  though  both  public  opinion  surveys  and  the  current  bi-partisan  political  climate 
in  the  nation  tell  us  that  this  is  not  a  likely  conclusion. 

•  And,  where  voluntary  organizational  policies,  consumer  litigation,  and  media  exposes 

seem  to  the  nation's  majority  to  be  the  right  and  useful  measures,  we  should 
pursue  those. 

In  other  words,  the  public  policies  of  the  United  States  on  privacy  should  be  made  in 
pursuit  of  what  this  nation's  public  and  its  leaders  think  is  right,  in  keeping  with  our  traditions. 
We  deliberately  chose  to  break  with  European  institutions  in  1776,  and  it  would  be 
remarkable  if  we  thought  that  a  return  to  deference  without  agreement  was  the  right  course  in 
1996. 

2.  Do  I  think  that  continuing  and  enhancing  our  privacy  approaches  will  lead  to  wholesale 
denial  of  the  ability  of  U.S.  companies,  especially  financial  services  firms  and  services,  to 
process  or  communicate  persaonal  data  on  Europeans  outside  the  EU?  Is  a  trade  war  in  the  name 
of  data  protection  about  to  unfold?  I  don't  think  so. 

I  think  accommodation  could  ~  and  will  ~  take  place  along  one  of  two  avenues: 

•  As  the  EU  defines  what  are  the  adequate  safeguards  that  a  country  must  have 

at  the  regime  or-national  level  to  meet  the  EU  Directive's  core  standards, 

as  the  EU  officials  come  to  learn  and  understand  fully  just  how  the  complex  mix 

of  private  and  public  mechanisms  actually  works  in  the  U.S.,  and  as  the  U.S. 

adopts  ~  of  its  own  will  —  various  privacy  enhancements  that  are  now  being 

considered  by  infiuential  groups  (such  as  a  system  of  private  but 

certifiable  and  enforceable  privacy  standards  adopted  by  a  consensus  process), 

many  EU  nations  may  come  to  see  the  U.S.  system  as  a  whole  as  consistent 

with  their  own  values  and  interests,  and  will  treat  U.S.  firms  accordingly. 

•  Even  if  this  conclusion  is  not  the  one  reached  by  EU  nations,  the  EU  Directive  states 

that  the  situation  in  particular  industries  and  binding  undertakings  by  individual 
companies  seeking  trans-border  data  approvals  may  be  used  to  determine 
what  is  done  in  those  situations.  Just  as  some  U.S.  firms  operating  in  Europe 
under  national  data  protection  laws  in  the  past  decade  have  negotiated  such 
agreements,  so  I  expect  that  contractual  undertakings  by  individual  companies 
and  perhaps  enforceable  industry  standards  will  come  to  be  used  after  the  EU 
Directive  begins  its  operations  in  late  1998. 
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In  several  meetings  we  have  had  this  year,  including  some  with  key  EU  officials  and 
leading  national  data  protection  officials,  we  see  the  beginnings  of  a  process  of  communication, 
education,  and  cross-fertilization  that  holds  great  promise.  I  expect  to  see  many  more  U.S. 
companies  adopting  meaningful  privacy  policies  of  the  kind  that  members  of  our  Corporate 
Steering  Committee  now  have,  and  many  are  working  to  apply  globally  now.  I  also  see  a 
readiness  to  explore  some  additional  privacy-protection  measures  in  the  U.S.  -  such  as 
certifiable  private  standards  and  consumer  privacy  dispute-resolution  systems  —  that  could 
strengthen  procedures  and  remedies  in  the  U.S.  system. 

To  conclude,  financial  services  is  an  industry  whose  operations  in  Europe  could  be 
affected  in  major  ways  by  how  the  E.U.  Data  Protection  Directive  is  applied  to  their  trans-border 
data  operations.  Leading  groups  in  industry,  government,  academia,  and  the  public-interest 
community  should  work  to  see  that  the  dialog  created  by  the  adoption  of  the  EU  Directive  and  its 
impending  activation  in  1998  becomes  an  occasion  for  making  privacy  protection  better  and 
more  visible  in  both  North  America  and  Europe. 
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by  the  New  York  Academy  of  Sciences,  February-April,  1996 

Prepared  by  Dr.  Alan  F.  Westin,  Professor  of  Public  Law  &  Government, 
Columbia  University,  and  Publisher,  Privacy  &  American  Business,  April 
2,    1996 


iDtroduction 

Like  the  other  areas  of  this  symposium  that  are  undergoing  major  changes  as  a 
result  of  advanced  technology  ~  financial  institutions,  financial  products,  legal  and 
regulatory  mechanisms,  and  global  activity  -  the  area  of  privacy  and  security  in  financial 
^airs  is  also  in  a  state  of  high  transition.  At  such  crossroad  points  in  technology-society 
relations,  prudence  dictates  that  we  begin  the  analysis  of  where  we  may  be  headed  with  a 
solid  baseline  discussion  of  where  we  are  now,  and  how  we  got  here. 

Privacy  and  Security  in  Financial  Affairs:  A  Baseline  Analysis 

First,  some  definitional  stakes  in  the  ground. 

•  By  privacy,  I  will  be  referring  to  the  issue  of  what  personal  information 
financial  organizations  should  be  able  to  collect  and  use  in  their  operations,  with  relevance 
and  social  acceptability  as  the  standards. 

•  By  confidentiality,  I  refer  to  a  financial  organization's  obligations  to  use  an 
individual's  information  for  the  purposes  for  which  it  was  provided;  to  see  that  it  is  not 
disclosed  more  widely  inside  the  organization  than  necessary;  and  not  to  disclose  it  to 
anyone  outside  the  collecting  organization  unless  approved  by  the  individual  or  required  by 
law. 

•  By  information  security,  I  mean  an  organization's  capacity  to  keep  its 
promises  of  confidentiality,  by  protecting  information  from  alteration  or  inq)roper 
disclosure  by  insiders  or  from  the  outside. 

•  Finally,  by  fair  information  practices,  I  will  be  referring  to  the  body  of 
principles  as  to  notice,  consent,  accuracy,  completeness,  inspection,  chsdlenge,  correction, 
and  transparency  that  -  since  the  1970's  and  general  application  of  computer  systems  to 
organizational  affairs  -  have  been  the  sector-based  standards  that  American  law  and 
organization  poUcies  have  followed  in  handling  personal  information. 

Using  those  terms,  the  following  five  propositions  capsulize  what  I  see  as  the 
current  state  of  thinking  and  policy  in  the  American  system  about  privacy  and  security  in 
individual-consumer  financial  transactions. 

1.  Financial  transactions  have  always  been  considered  highly 
sensitive  by  consumers,  and  financial  institutions  are  expected  to  be 
trustees  for  confidentiality. 
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Checking  account  information  and  credit  card  records  provide  a  veritable  diary  of  an 
individual's  life  and  transactional  trail,  and  investment  and  savings  account  information  add 
further  revelatory  detail  In  1994,  a  Lx>uis  Harris  survey  for  Privacy  &  American  Business 
asked  a  representative  sample  of  the  public  how  serious  it  would  be  if  someone  obtained 
information  without  their  authorization  from  a  list  read  to  them  of  ten  different  types  of 
record  systems  about  people  held  by  business  or  government.  "Bank  account  inJFormation" 
was  rated  the  most  serious  of  all  ten  if  it  were  obtained  improperly  (89%  said  such 
disclosure  would  be  "extremely  serious")  and  "credit-card  purchase  records"  rated  third 
(82%  "extremely  serious").  Both  types  of  financial  records  were  rated  even  higher  in 
sensitivity  than  medical  records  (at  80%).  ^ 

Similarly,  a  1993  Harris  survey  for  Privacy  &  American  Business  asked 
respondents  how  important  it  would  be  to  them  in  choosing  which  firms  to  patronize  that  a 
list  of  organizations  read  to  them  had  adopted  strong  privacy  poUcies  and  communicated 
them  to  potential  clients.  "Banks"  headed  the  list  in  being  "very  inq)ortant"  to  have  such 
privacy  policies  (at  72%).  "Health  insurance  companies"  and  "hospitals  and  clinics"  were 
rated  next  (at  71%  each),  and  "credit  card  companies"  were  fourth  (at  67%  very 
important).^ 

2.  Reflecting  this  sensitivity,  both  banking  traditions  and  legal  rules 
have  placed  strong  duties  of  confidentiality  on  financial  institutions, 
but  have  never  treated  customer  information  as  absolutely  privileged. 

Keeping  customer  financial  transactions  confidential  was  an  industry  norm  and  a 
continued-business  necessity  for  bankers  from  the  earliest  days  of  the  Rq)ublic,  and  was 
embodied  in  18th  and  19th  century  common  law  doctrines.  Contemporary  federal  and  state 
legislation  and  regtilatory-agency  rules  have  spelled  out  financial-institution  confidentiality 
duties  and  customer  safeguards  in  detail;  at  the  federal  level,  for  example,  enactments  since 
1970  include  the  Fair  Credit  Reporting  Act,  Bank  Secrecy  Act,  and  the  Right  to  Financial 
Privacy  Act 

However,  reflecting  the  pragmatic  approach  of  the  American  public  toward  privacy 
issues,  as  well  as  the  balancing-of-social-interests  process  that  marks  both  popular  attitudes 
and  legal  decisions,  confidentiality  of  financial  information  has  always  been  weighed 
against  important  competing  social  interests.  These  have  included  civil  justice  (compulsory 
disclosure  of  account  information  in  divorce  and  child  custody  proceedings);  law 
enforcement  (detection  of  financial  fraud;  identification  of  money  laundering;  pursuit  of  tax 
evasion;  investigation  of  non-financial  crimes)  and  national  securitv  investigations  (now 
including  terrorism). 

When  justifying  disclosure  of  financial-account  information,  legislation, 
regulations,  and  judicial  rulings  have  generally  sought  to  specify  the  conditions  under 
which  government  could  obtain  access  to  financial  records.  This  has  been  done  by  applying 
the  probable-cause  and  specificity  concepts  of  the  Fourth  Amendment  and  by  protecting 
due  process  rights  of  notice  and  challenge  of  government  access  (with  special  procedures 
for  national  security  or  "hot  pursuit"  situations). 

As  with  many  other  privacy  issues,  the  legitimacy  of  government  demands  for 
disclosure  of  consumer  fiinancial  information  or  for  powers  of  investigative  surveillance 
depend  on  society's  attitude  toward  the  anti-social  conduct  being  probed,  as  well  as  the 


*  Privacy  A.  American  Business,  VoL  1,  No.  4  (1994),  p.3. 
2  Ibid..  Vol.  1,  No.  1  (1993),  p.  10. 
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bona  fides  of  government  inquiry.  FBI  probes  in  the  late  60's  and  early  70's  into  the  bank 
accounts  of  anti-war  and  black  protest  groups  exemplify  the  issues  that  can  arise  in 
moments  of  social  tension. 

3.  Until  now,  advances  in  information  technology  have  not  upset 
society's  desired  balances  between  privacy-confidentiality  and 
disclosure/surveillance  in  financial  affairs. 

Between  the  mid  Sixties  and  the  present,  successive  waves  of  information 
technology  applications  in  financial  institutions  incorporated  rather  than  upset  or  defeated 
the  basic  balances  of  policy  on  financial  privacy.  This  is  because  the  uses  of  computers  and 
telecommunications  continued  —  indeed,  strengthened  ~  the  processes  of  documentation  of 
financisd  transactions.  In  addition,  legal  rules  (such  as  bank  recording  of  cash  deposits 
above  stated  amounts)  have  insured  that  this  should  be  done. 

In  a  very  important  sense,  the  world  of  consumer  financial  affairs  went  from 
manual  records  to  computer  data  bases  to  electronic  funds  transfers  without  sigmficandy 
challenging  society's  ability  to  set  the  rules  as  to  what  would  be  confidential,  what  would 
be  disclosed  under  legal  process,  and  when  government  could  conduct  surveillances  into 
financial  affairs. 

4.  Similarly,  information-technology  developments  of  the  past  four 
decades  have  changed  the  environment  of  security  in  financial  affairs 
but  not  the  basic  issues  or  organizational  approaches. 

Security  of  funds  and  customer  information  have  always  been  priorities  for 
financial  institutions,  and  controlling  the  corrupted  insider  or  the  outside  attacker  has  been  a 
paramount  management  concern.  Personnel  checks,  accounting  and  audit  procedures,  and 
physical  security  in  the  pre-computer  era  were  augmented  in  the  electronic  age  by  access 
controls,  audit  trails,  encryption,  and  other  techniques  of  computer  and  communications 
security. 

In  the  computer  as  well  as  pre-computer  eras,  high  security  measures  never 
guarantee  (or  produce)  total  protection  of  either  assets  or  information.  Thefts  of  fimds  and 
capture  of  condfidential  information  are  regular  events,  year  after  year,  in  the  operations  of 
financial  institutions.  The  potential  for  largo*  "hits"  on  computerized  financial  systems  has 
been  recognized,  and  the  security  literature  records  substantial  "computer  crimes,"  usually 
with  insider  assistance  rather  than  complete  outside  penetration  by  strangers.^  As  the 
Barings  and  Daiwa  episodes  show,  however,  asset  losses  from  non-technological  insider 
misconduct  still  dwarf  any  conputer-based  security  breaches. 

5.  However,  financial  privacy  issues  remain  part  of  the  American 
public's  overall  strong  concern  about  loss  of  privacy,  and  desire  for 
better  privacy  protection. 

Eighty-two  percent  of  the  American  public  said  in  1995  they  are  "concerned  today 
about  threats  to  their  personal  privacy,"  up  from  34%  in  1970,  64%  in  1978,  and  79%  in 
1990.  Eighty  percent  say  that  "consumers  have  lost  all  control  over  how  personal 
information  about  them  is  circulated  and  used  by  companies,"  up  from  71%  who  felt  that 
way  in  1990.  Fifty-nine  percent  report  that  they  have  "refused  to  give  information  to  a 


3  [Footnote  to  be  added.] 
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business  or  company  because  [they]  thought  it  was  not  really  needed  or  was  too  personal," 
up  from  42%  in  1990.'' 

Harris- Westin  surveys  from  1978  to  1995  confum  that  these  and  other  concerns 
about  privacy  do  not  follow  any  pattern  of  standard  demographics  ~  by  age,  education, 
income,  race,  gender,  community,  section,  or  political  philosophy.  Rather,  they  are  closely 
correlated  with  and  basically  driven  by  two  factors  -  distrust  of  public  and  private 
institutions  and  fears  of  technology  abuse.  Since  distrust  levels  in  American  society  in  1996 
remain  intense,  we  should  not  expect  worries  about  privacy  threats  to  subside  soon. 

At  the  same  time,  the  surveys  show  that  the  American  public  takes  a  pragmatic 
approach  to  the  resolution  of  concrete  privacy  issues.  Only  25%  of  the  public  displays  what 
can  be  called  "privacy  fundamentalist"  views,  while  about  18%  of  the  public  is  "privacy 
unconcerned."  A  majority  -  57%  ~  are  what  I  have  called  "privacy  pragmatists."  In  the 
consumer  area,  they  will  look  at  calls  to  provide  businesses  with  thek  personal  information 
to  see  whether  they  feel  they  will  get  a  desirable  benefit  or  opportunity  by  complying.  If  so, 
they  next  look  to  see  whether  the  business  follows  fair  information  practices  that  wiU 
protect  the  privacy  and  confidentiality  of  their  information  in  that  setting.  If  this  is  done,  the 
Privacy  Pragmatists  supply  their  information,  and  accept  this  as  a  fair  exchange,  joining  the 
Privacy  Unconcerned  to  make  up  a  75%  majority. 

But,  if  the  Privacy  Pragmatists  do  not  feel  a  valuable  benefit  or  opportunity  is  being 
offered,  or  that  fair  information  practices  are  not  assured  by  law  or  provided  by  voluntary 
organizational  policy,  most  will  join  the  Privacy  Fundamentalists,  making  up  an  80%  level 
opposition  to  that  information  practice. 

These  pragmatic  views  are  reflected  in  positive  majority  attitudes  toward  the  value 
of  the  credit  reporting  system  for  rapid  and  broad-based  consumer  access  to  loans,  retail 
credit,  and  credit  cards;  in  approval  of  marketers  providing  opt-out  (rather  than  opt-in) 
procedures  for  customers  who  do  not  want  to  receive  offers  of  additional  goods  or  services 
from  businesses  they  patronize;  and  in  support  for  financial-institution  affiliate  sharing  of 
consumer  information  for  offering  customers  other  financial  and  non-financial  products.^ 

In  addition,  the  U.S.  public  generally  prefers  voluntary  privacy  policies  to 
government  regulation.  Seventy-two  percent  of  the  public  agreed  in  1995  that  "If 
corrqjanies  and  industry  associations  adopt  good  voluntary  privacy  policies,  that  would  be 
better  than  government  regulations,  in  this  country."^  Of  course,  financial  services  are 
already  closely  regulated  for  customer  protection,  including  fair  information  practices  rules 
(such  as  the  Equal  Credit  Opportunity  Act  and  the  Fair  Credit  Billing  Act,  beyond  the 
federal  laws  already  cited.) 

However,  reading  customer  concerns  over  privacy  and  fair  information  practices  in 
handling  financial-transaction  information  as  an  opportunity  for  enhanced  customer  (and 
public)  relations,  several  pro-active  firms  in  Uie  financial  services  industry  (such  as 
American  Express  and  Citicorp)  have  adopted  and  widely  commuiucated  voluntary  codes 
of  consumer  privacy  that  go  beyond  existing  legal  requirements.  In  addition,  industry 


*  Louis  Hanis  &  Associates  and  Dr.  Alan  F.  Westin,  The  Equifax-Harris  Mid-Decade  Consumer  Privaiv 

SUEiex.(1995). 
5  Louis  Harris  &  Associates  and  Dr.  Alan  F.  Westin,  Consumers  and  Credit  Reporting  (1994>.  survey 
sponsored  by  VISA  and  MasterCard. 

*  Harris  and  Westin,  n.  1  supra. 
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associations  like  VISA  and  MasterCard  have  recently  developed  and  published  privacy 
guidelines  for  card  issuers  which  they  are  urging  their  members  to  adopt 

Finally,  the  European  model  of  government  data  protection  boards  with  jurisdiction 
over  the  private  sector  and  systems  of  registration  of  every  data  base  with  personal 
information  with  a  supervisory  government  registrar  has  never  drawn  a  majority  of  public 
support  in  the  U.S.  In  the  present  atmosphere,  most  Americans  see  that  approach  as  calling 
on  "Big  Brother"  to  protect  citizens  from  "Big  Brother." 

New  Threats  To  Individual  Financial  Privacy  Interests 

A  series  of  technological  developments,  application  patterns,  and  business  trends  in 
the  late  1990's  are  beginning  to  alter  the  financial  privacy  landscape: 

•  As  credit  cards  are  used  for  more  and  more  areas  of  consumer  payment  -  such  as 

health  care  —  the  scope  of  sensitive  information  contained  in  financial 
records  is  expanding  even  further. 

•  Consumer  banking  is  oriented  today  toward  in-depth  individual-consumer 

profiling,  through  the  compiling  of  databases  combining  in-house 
transaction  data  from  aU  services  used  by  a  customer  with  lifestyle 
pattern  information  acquired  fi-om  profile-supplier  con^anies.  This 
is  creating  highly  detailed  individual  profiles,  generally  without 
the  provision  of  any  notice  to  customers  or  stated  policies  about 
the  uses  to  be  made  -  and  not  made  -  of  such  profiles. 

•  Credit-card  and  other  payment  mechanisms  for  online  and  Internet  activities  and 

purchases  are  creating  individual-subscriber  transactional  records  of  high 
privacy  sensitivity,  without  clear  legal  rules  or  regulatory  oversight  of  how 
such  personal  information  is  to  be  used. 

•  Online  home  banking,  making  still  another  development  effort  now,  will  lodge 

privacy-sensitive  checking  account  and  investment  data  in  systems  for 
which  reliable  security  may  not  be  fully  assured,  if  proprietary  bank  data 
systems  are  not  the  nrode  used. 

•  Smart  cards  are  being  adopted  in  many  educational,  governmental,  and  business 

applications  that  put  sensitive  financial  data  onto  the  chip  storage  of  such 
cards;  how  secure  such  data  is,  in  clear  or  in  encrypted  form,  is  still  to 
be  tested. 

•  Overall,  fi'om  Internet  commerce  to  the  developing  home  interactive  information 

services,  information  systems  carrying  financial  data  are  being  developed 
and  monitored  by  commercial  service  providers  that  are  not  financial 
institutions,  do  not  have  the  historic  commitments  to  confidentiality  of 
financial  institutions,  and  are  not  yet  covered  by  financial-privacy  laws. 

Given  these  trends,  how  are  banks  and  credit  card  issuers  dealing  with  the  privacy 
rules  for  handling  customer  information?  In  organizational  terms,  two  cultures  are  present 
within  the  financial  services  industry  today,  -  traditional  banking,  with  its  classic 
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commitment  to  customer  privacy,  and  the  target-marketing  culture,  with  a  multi-souice- 
database  and  personal-profile  approach  to  customer  relations.' 

The  traditional  consumer  bank  functions  ~  managing  checking  and  savings 
accounts,  using  credit  reports  and  other  data  to  process  consumer  loans  and  home 
mortgages,  offering  money  market  and  other  investments  ~  grew  up  (as  we  have  noted) 
with  strong  confidentiality  norms  and  regulations,  including  state  and  federal  legislation  on 
financial  privacy,  bank  secrecy,  and  use  of  credit  reports.  Consumer  bankers  even  made 
common  cause  with  the  ACLU  and  privacy  groups  in  asserting  the  confidentiality  of 
individual  bank  accounts  against  dragnet  access  by  government  investigators,  helping  enact 
the  Right  to  Financial  Privacy  Act  in  1978  and  supporting  the  Electronic  Communications 
Privacy  Act  in  1986. 

However,  the  leadership  driving  much  of  consumer  banking  today  comes  firom  a 
different  culture  -  target  marketing.  The  m,arketer's  first  role  is  to  bmid  in-depth  databases 
of  transactional  trends  by  existing  customers,  to  cross-sell  other  bank  services  and  the 
widening  range  of  financial  products  that  banks  are  now  offering  -  securities,  insurance, 
etc.  The  second  role  of  the  tank  marketers  is  to  assemble  Usts  of  prospective  customers  in 
databases  that  combine  standard  demographics  (income  level,  age,  occupation,  credit 
history,  etc.)  with  the  new  psychographic  files  on  consumers'  lifestyle  information, 
derived  from  zip  plus  four  locality  information  and  other  "personal  activity"  data  drawn 
from  list  brokers. 

Most  of  the  new  bank  marketers  do  not  come  from  traditional  consumer  banking 
backgrounds.  However,  since  privacy  issues  have  been  widely  discussed  and  debated  in 
direct  marketing  circles,  some  marketing  executives  in  banking  have  been  sensitive  to  the 
privacy  issues  and  are  interested  in  a  package  of  good  privacy  policies.  But  these  have 
generally  ooi  been  made  public  and  actively  promoted. 

The  great  majority  of  marketing  executives  in  banks  have  not  yet  treated  the 
promulgation  of  fair  information  practices  rules  as  a  priority.  In  fact,  public  announcement 
of  such  rules  is  often  seen  as  an  impediment  to  ~  or  at  least  a  limitation  on  ~  the  full  use  of 
target  marketing.  When  the  traditional  consumer  bankers  or  the  public  affairs  staffs  suggest 
that  privacy  rules  ought  to  be  drawn  up  and  publicized,  the  answer  in  most  banks  has  been, 
"Are  we  required  to  do  this  by  law?"  When  the  answer,  correctiy,  comes  back,  "No,"  the 
marketers  turn  back  to  running  their  database  operations  ~  with  no  interventions  by  senior 
management 

This  situation  will  become  even  more  acute  as  other  new  elements  are  added  to 
consumer  bank  operations  today.  One  major  area  is  the  online  and  Internet  environment  for 
using  credit  cards  and  engaging  in  financial  transactions.  This  arena  for  card  use  brings 
another  group  into  leadership  in  bank  developments  —  the  cyberspace  software  and 
communications  experts.  Their  training  and  focus  is  on  how  to  assure  security  for  the  use 
of  credit  cards  and  online  financial  transactions,  but  they  look  to  operational  and  public 
affairs  executives  (or  law)  to  define  the  privacv  rules  that  such  onlme  operations  will  adopt 

Still  another  emerging  culture  within  U.S.  banks  are  the  smart  card  and  elecfronic- 
money  developers.  Privacy  is  actually  a  high- visibility  issue  among  these  experts.  For 
example,  major  groups  such  as  the  Smart  Card  Forum  have  identified  privacy  issues  as 
central  concerns  they  must  address,  and  are  developing  good  guidelines  to  be  applied  to 
various  types  of  new  card  products.  However,  these  specialists  have  not  been  positioned  to 

'  This  discussion  is  drawn  from  "Credit  Cardholders,  Banks,  and  Privacy,"  Privacy  &  American  Business, 
Vol.  3,  No.  2,  March-April,  1996. 
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persuade  senior  bank  managements  to  sponsor  development  of  overall  card-issuer  privacy 
policies. 

Most  senior  bank  managements  have  not  recognized  the  privacy  issue  as  a  serious 
matter  in  the  minds  of  their  present  and  prospective  customers,  despite  clear  survey 
research  that  says  that  cardholders  feel  strongly  about  these  issues  and  want  meaningful  fair 
information  practices  applied  to  all  the  ways  that  banks  use  their  transactional  data.  But, 
senior  managements  have  not  yet  shown  themselves  ready  to  bring  their  target  marketing 
and  online-commerce  operations  under  explicit  and  adequate  voluntary  privacy  rules. 

The  survey  data  on  privacy  concerns  and  growing  privacy  activism  by  credit  card 
holders  suggest  that  issuer  banks  ~  and  the  consumer  banking  industry  -  may  have  a 
shrinking  window  of  opportunity  to  act  voluntarily.  The  FTC  has  served  notice  that  it 
hopes  for  voluntary  industry  privacy  guidelines  along  the  new  information  superhighways, 
and  universal  adoption  by  members  of  industries  such  as  banks.  But,  the  FTC  has  said  that 
it  is  prepared  to  seek  regulations  if  meaningful  voluntary  action  does  not  take  place,  and 
reasonably  soon. 

In  addition,  some  state  legislatures  have  begun  experimenting  with  new  regulations 
to  control  credit  card  marketing.  Maine  now  requires  positive  opt-ins  for  assembling 
marketing  lists,  while  California  mandates  notice  and  an  opt-out  In  fact,  the  state 
legislative  scene  in  1996  features  dozens  of  pending  bills  to  regulate  credit  card  marketing 
practices. 

One  factor  that  may  capture  the  attention  of  senior  U.S.  bank  managements  and 
prompt  policy  reviews  is  the  adoption  last  July  of  the  European  Union's  Data  Protection 
Directive.  When  it  goes  into  effect  in  three  years,  the  EU  Directive  will  require  all  U.S. 
banks  that  seek  to  move  personally-identifiable  information  about  account  holders  or  credit 
card  holders  in  Western  European  nations  to  processing  centers  or  data-analysis  operations 
in  the  U.S.  to  demonstrate  that  they  abide  by  detailed  data  protection  rales  and  practices. 

Neither  the  Clinton  Administration  nor  the  Republican  Congress  favor  the  creation 
of  a  federal  data  protection  regulatory  authority,  or  tiie  kind  of  government  registration 
system  for  all  personal-information  databases  tiiat  would  directiy  parallel  the  European  data 
protection  norms.  Nor,  as  previously  noted,  do  national  privacy  surveys  show  the 
American  public  to  favor  an  omiubus  federal  regulatory  agency  for  privacy. 

However,  the  absence  of  publicly-issued,  comprehensive  consumer  privacy 
policies  and  meaningful  remedies  among  U.S.  credit  card  issuers  could  become  a  serious 
issue  in  the  increasing  globalization  of  credit  card  services. 

In  this  setting,  what  may  develop  is  the  voluntary  adoption  by  U.S.  banks  of 
privacy  policies,  remedies,  and  audit  procedures  that  will  meet  EU  standards,  and  tiie 
negotiation  of  contracts  enforcing  those  rules  with  individual  European-nation  data 
protection  authorities.  Pursuing  this  important  step  to  support  U.S.  bank  marketing  plans 
in  Europe  would  require  the  senior  management's  of  U.S.  banks  to  develop  what  amount 
to  global  privacy  policies  (with  obvious  application  inside  the  U.S.  as  well.) 

Emerging  Threats  to  Society  From  New  Privacy-Enhancing  Technologies 

Information  technology  is  also  creating  a  set  of  privacy-enhancing  mechanisms  and 
options  that  thrill  privacy  advocates  but  raise  worries,  if  not  consternation,  among 
financial-system  regulators,  law  enforcement  agencies,  and  tax  authorities: 
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•  Anonymous  financial  transactions  on  the  Internet,  moving  electronic  money 

fi'om  point  to  point  within  the  U.S.  or  globally  without  identification  of 
initiator,  recipient,  or  foreign  transaction  facilitator  could  create  financial 
transactions  beyond  the  effective  reach  of  U.S.  regulatory,  tax, 
and  law-enforcement  authorities. 

•  Electronic  purses  -  cards  with  financial  credit  loaded  and  drawn  down  as  used  ~ 

could  similarly  create  transaction-record-less  movements  of  money, 
a  recreation  of  the  pre-check  and  pre-credit-card  world  of  the  largely- 
anonymous  cash  economy. 

•  Strong  encryption  software  could  make  it  very  difficult  or  even  practically 

impossible  for  government  authorities  to  track  criminal  communications 
as  well  as  criminal  financial  transactions  in  cyberspace  (the  Clipper  Chip 
controversy  enlarged). 

These  possibilities  have  drawn  serious  attention  from  government  officials, 
financial  leaders,  technology  experts,  and  policy  analysts.  To  some  extent,  solutions  are 
being  sought  from  information  technology  applications  and  the  legal  authority  to  impose 
such  measures.  A  thoughtful  approach  along  these  lines  is  spelled  out  in  the  1995  U.S. 
Office  of  Technology  Assessment  report.  Information  Technologies  for  the  Control  of 
Money  Laundering.  The  OTA  Report  describes  a  system  of  computerized  monitoring  for 
use  by  law  enforcement,  addresses  the  provision  of  adequate  privacy  and  corporate 
confidentiality  protections,  and  discusses  the  need  for  international  agreements  to  facilitate 
such  a  monitoring  regime. 

In  addition,  the  Federal  Trade  Commission  has  been  experimenting  with  "hound- 
dog"  sniffers  to  ferret  out  fraud  operators  in  online  services  and  on  the  Internet,  just  as  the 
Justice  Department  has  begun  using  computer-network  wiretapping  under  judicial-warrant 
authorizations,  successfully  in  the  recent  Argentine-hacker  intrusion  into  the  Harvard 
University  system  and  from  there  to  Defense  Department  and  NASA  installations.* 

At  the  same  time,  assuring  high  levels  of  security  for  asset-protection  and 
information-privacy  protection  in  onlLie  and  Internet  environments  poses  challenging 
problems  for  financial  security  experts.  Security  measures  are  being  actively  pursued  by 
VISA  and  MasterCard,  various  information-technology  vendors  and  services,  and 
governmental  experts.  My  sense  is  that  progress  will  be  made,  as  it  has  in  die  past,  in 
creating  sufficientiy  secure  financial  transactions  to  assure  consumers  that  they  can  use  their 
credit  cards,  do  home  banking,  or  buy  from  interactive  TV  or  computer-screen  systems 
without  undue  risk.  Installation  at  cost-effective  levels  of  a  variety  of  biometric  identifiers  — 
ranging  from  voiceprint  and  finger-imaging  systems  to  retinal  scans  and  digitized 
signatures  -  promise  to  greatiy  sd'engthen  verification  of  a  user's  identity. 

Conclusion:  Thought  and  Effort  Will  Be  Needed  to  Continue  the 
U.S.  Balance  of  Privacy  Protection  With  Other  Vital  Social 
Interests 

There  are  no  magic  bullets  to  assure  personal  privacy  or  to  sustain  legitimate 
disclosure  and  surveillance  needs  of  society  in  an  increasin^y  electronic  and  online 
financial-transaction  environment  Adaptations  of  our  society's  values  to  each  new  wave  of 


"First  Internet  Wiretap  Leads  to  a  Suspect,"  New  York  Times.  March  31, 1996. 
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information  technology  over  the  past  4-5  decades  has  required  movement  from  problem- 
recognition  and  early  alarms  to  empirical  studies  and  then  to  technology-options  and  social- 
policy  formulation.  We  are  midway  in  this  process  with  financial  privacy  and  security  in 
the  age  of  electronic  finance;  it  will  take  serious  thought  and  effort  by  a  wide  range  of 
players  and  experts  to  move  American  society  into  effective  policies  and  the  tools  to  carry 
those  out. 
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Privacy  Activities  of  Professor  Alan  F.  Westin,  Columbia  University 

General 

Alan  F.  Westin  is  Professor  of  Public  Law  and  Goveniment  at  Columbia  University, 
where  he  has  taught  for  the  past  36  years.  Bom  in  1929,  he  earned  his  BA.  from  the  University  of 
Rorida;  his  LL.B.  firom  Harvard  Law  School;  and  his  Ph.D.  in  political  science  from  Harvard 
University.  He  is  a  member  of  the  District  of  Columbia  Bar,  the  author  or  editor  of  26  books,  and 
has  been  listed  for  the  past  two  decades  in  Who's  Who  in  the  United  States. 

Privacy   Activities 

For  four  decades.  Professor  Westin  has  specialized  in  studying,  writing,  and  consulting 
about  the  impacts  of  information  technology  on  individuals,  organizations,  and  society. 

1.  Writing  and  Speaking 

Dr.  Westin's  award-winning  1967  book.  Privacy  and  Freedom,  is  considered  the  leading 
work  in  this  field.  Other  books  he  has  written  about  privacy  include:  Databanks  in  a  Free  Societv 
(1972),  with  Michael  Baker,  for  the  National  Academy  of  Sciences,  and  two  monographs  for  the 
U.S.  National  Bureau  of  Standards  on  Computers,  Health  Records,  and  Citizen  Rights  (1976)  and 
Computers.  Personnel  Administration,  and  Citizen  Rights  (1979).  He  is  currently  completing  a 
new  book  for  the  Columbia  University  Press  on  "The  American  Public  and  Privacy:  New  Roles 
and  Rules  for  the  Computer  Age." 

In  addition  to  publishing  in  law  reviews  and  scholarly  journals,  his  articles  on  privacy 
issues  have  appeared  in  the  New  York  Times.  Wall  Street  Journal.  Fortune.  Business  Week,  the 
Los  Angeles  Times.  Newsday.  and  many  industry,  trade,  and  technical  publications.  He  has 
discussed  privacy  issues  often  on  such  television  programs  as  the  Today  Show,  CBS  Morning 
Show,  the  McNeil-Lehrer  Show,  and  many  others.  In  the  past  three  decades,  he  has  spoken  about 
privacy  issues  at  the  national  conventions  of  more  than  two  hundred  business,  professional,  and 
governmental  associations. 

2.  Governmental  Work 

In  the  governmental  arena,  he  was  consultant  to  Senator  Sam  Ervin  Jr.  in  drafting  the 
Federal  Privacy  Act  of  1974;  a  Presidential  appointee  (by  Richard  M.  Nixon)  to  the  National 
Wiretapping  Commission  (1973-76);  Senior  Consultant  to  the  U.S.  Privacy  Protection 
Commission  (1975-77);  Privacy  Consultant  to  the  New  York  State  Identification  and  Intelligence 
System,  and  Project  SEARCH;  and  a  member  of  Privacy  Task  Forces  for  the  U.S.  Department  of 
Commerce,  General  Services  Administration,  Social  Security  Administration,  and  other  federal 
agencies. 

He  has  been  chair  or  a  member  of  more  than  a  dozen  panels  of  the  U.S.  Office  of 
Technology  Assessment  on  privacy  issues  over  the  past  two  decades.  Dr.  Westin  has  testified 
frequently  since  the  late  1960s  before  dozens  of  Congressional  and  state  legislative  committees  on 
privacy  issues  involving  credit,  employment,  medical  and  health  records,  banking,  insurance,  law 
enforcement,  telecommunications,  and  other  issues. 
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3.  Public  Opinion  and  Survey  Work 

Over  the  past  18  years,  he  has  been  the  academic  advisor  to  Louis  Harris  &  Associates  for 
the  leading  national  public  and  leadership  opinion  surveys  of  privacy  conducted  in  the  United 
States  and  Canada.  These  have  included  national  surveys  on  "The  Dimensions  of  Privacy"  (for 
Sentry  Insurance,  1979);  "Consumers  in  the  Information  Age"  (for  Equifax,  1990);  "Updates  on 
Consumer  Privacy"  (1991  and  1992);  "Consumers  and  Privacy  in  the  Information  Age"  (for 
Equifax  Canada,  1993);  "Health  Information  Privacy  Survey,  1993"  (for  Equifax  Inc.); 
"Workplace  Privacy  Issues,"  for  the  Educational  Film  Center  (sponsored  by  Kraft  Foods)  1993; 
"Credit  and  the  Consumer,  1994"  (for  VISA  and  MasterCard);  "Interactive  Services,  Consumers, 
and  Privacy"  (sponsored  by  BeU  Atlantic,  U.S.  West,  and  Citicorp  Technology  Resources),  1994; 
and  "The  Mid-Decade  Consumer  Privacy  Survey,  1995,"  (for  Equifax  Inc). 

He  has  also  designed  and  supervised  many  proprietary  surveys  on  privacy  issues  for 
business  firms  and  industry  associations,  with  botii  Louis  Harris  and  Opinion  Research 
Corporation  of  Princeton,  N.J. 

4.  Private-Sector  Consulting  and  Advising 

In  the  private  sector.  Dr.  Westin  has  been  a  consultant  on  privacy  over  the  past  25  years  to 
several  dozen  corporations.  In  the  early  1970s,  he  developed  IBM's  employee  privacy  guidelines, 
which  served  as  a  model  for  hundreds  of  other  companies  in  the  late  1970s  and  1980s.  He  was  the 
principal  consultant  for  privacy  codes  by  such  companies  as  American  Express,  Equifax,  and 
Security  Pacific  Nationd  Bank.  Among  the  other  firms  for  which  he  has  been  a  privacy  consultant 
for  consumer  and  customer  privacy  issues  are  Citicorp,  Prudential,  Nabisco,  AT&T,  and  many 
more. 

Dr.  Westin  has  conducted  privacy-issues  briefings  for  CEO's  and  senior  management 
committees  in  over  100  corporations. 

In  1993,  Dr.  Westin  joined  with  Robert  R.  Belair,  a  leading  Washington  attorney 
specializing  in  privacy  and  freedom  of  information  law,  to  found  Privacy  and  Legislative 
Associates,  a  consulting  firm  in  Washington  that  specializes  in  privacy  work.  Current  clients 
include  Glaxo  Wellcome,  Bell  Atlantic,  Chrysler  Corporation,  Health  Data  Exchange  (a  Shared 
Medical  Systems  company),  Medbank,  National  Registry,  Inc.,  and  Science  Applications 
International  Corporation. 

5.  Other  Corporate-Related  Activities 

Also  in  1993,  Dr.  Westin  founded  (with  Robert  Belair)  a  new  bi-monthly  report  and 
information  service  called  Privacy  and  American  Business.  P&AB  covers  consumer,  health, 
communications,  and  employment  privacy,  as  well  as  multi-national  and  intemational  arenas,  and 
is  the  first  "privacy-sensitive  but  business-fiiendly"  publication  in  this  field.  It  is  supported  by 
founding  grants  from  American  Express,  Citicorp,  Equifax,  Bell  Atiantic,  Pacific  Bell,  U.S.  West, 
VISA,  MasterCard,  Lowe  &  Partners,  Miscrosoft,  Philip  Morris,  the  National  Commission  on 
Confidentiality  of  Health  Records,  State  Farm  Insurance,  MCI,  AT  &T,  Metromail,  TRW, 
TransUnion,  and  other  firms. 

6.  Privacy  and  Health  Information 

Since  the  mid-1960s,  Professor  Westin  has  maintained  a  continuing  special  interest  in 
medical  confidentiality  and  health-information-systems  privacy  issues. 
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A  comprehensive  field  study  of  computerization  trends  and  health  information  was  led  by 
Dr.  Westin  for  the  U.S.  National  Bureau  of  Standards  between  1974-76,  and  produced  Westin's 
report  on  Computers.  Health  Records,  and  Citizen  Rights  (1976).  The  Privacy  Code  this  report 
recommended  was  sent  by  NBS  to  every  hospital  in  the  U.S.,  and  served  as  a  model  for  hundreds 
of  hospital  and  health  institutions.  The  NBS  Report  remains  to  this  day  the  leading  empirical  study 
of  how  computer  use  is  affecting  the  three  main  zones  of  health  information  use  -  direct  care, 
payment  and  quality-assurance,  and  social  uses  of  medical  data. 

Between  1978  and  the  early  1980s,  he  served  as  Research  Director  of  ttie  National 
Commission  on  Confidentiality  of  Health  Records,  a  national  association  composed  of  the  major 
health-care  provider,  payer,  and  quality-care  associations  in  the  United  States.  During  this  period, 
he  spoke  frequently  on  privacy  and  health  information  issues  at  national  conventions  or  special 
meetings  of  the  American  Medical  Association,  Health  Insurance  Association,  American  Medical 
Records  Association,  American  Orthopsychiatric  Association,  American  Psychiatric  Association, 
and  many  other  health-professional  groups. 

In  the  past  2-3  years,  he  has  been  a  featured  speaker  at  the  U.S.  Department  of  Health  and 
Human  Services  Privacy  Task  Force  Conference  on  Medical  Records  and  Privacy  (February, 
1993);  a  reviewer  of  reports  on  privacy  for  the  National  Institute  of  Medicine  (on  emerging 
regional  health  data  systems),  tiie  Journal  of  the  American  Medical  Association,  and  for  the  U.S. 
Office  of  Technology  Assessment  (on  privacy  and  the  computerized  medical  record). 

Dr.  Westin  was  the  privacy  advisor  to  a  1994  Public  Television  Special  Documentary  on 
"Privacy  and  Health  in  the  American  Workplace."  Dr.  Westin  drafted  a  national  corporate- 
employee  and  human  resources  executives  survey  conducted  by  Louis  Harris  and  Associates  for 
use  on  this  program,  covering  employee  health  and  privacy  issues  in  depth. 

In  1993,  he  served  as  the  academic  advisor  for  a  national  public  and  leaders  Harris  survey 
on  "Health  Information  Privacy."  Results  from  this  survey  were  released  at  a  national  conference 
in  Washington,  D.C.  in  November,  1993,  at  which  Dr.  Westin  spoke,  cosponsored  by  the  U.S. 
Office  of  Consumer  Affairs,  the  American  Health  Information  Management  Association,  and 
Equifax  Inc. 

Also  in  1993-95,  Dr.  Westin  served  as  Principal  Investigator  on  a  15-month  project  on 
privacy  issues  in  the  uses  of  genetic  testing  and  genetic-test  applications,  funded  by  the  U.S. 
Department  of  Energy  for  tiie  Human  Genome  Project  and  its  ELSI  Program  (Ethical,  Legal  and 
Social  Issues). 

In  his  consulting  work.  Dr.  Westin  has  recently  drafted  privacy  codes  for  tiie  Health  Data 
Exchange  of  Shared  Medical  Systems;  Medbank,  a  new  health  information  service;  Equifax's 
Health  Information  Sector;  and  is  currently  working  witii  Glaxo  Wellcome. 

7.  Overseas  and  Multinational  Activities 

For  three  decades.  Professor  Westin  has  been  a  keynote  speaker  at  leading  business, 
government,  and  technology  conferences  on  privacy  and  data  protection  in  the  United  Kingdom, 
Western  Europe,  Scandinavia,  Japan,  and  Hong  Kong.  In  1985,  for  example,  NTT  of  Japan 
brought  Dr.  Westin  to  Tokyo  as  the  Privacy  Keynote  Speaker  at  the  NTT  International  Conference 
on  Technology  and  Society  in  the  Information  Age,  and  Dr.  Westin  lectured  on  U.S.,  European, 
and  Japanese  approaches  to  privacy  protection  at  several  Japanese  universities  and  technology 
institutes. 
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Statement  of  Jeffrey  B.  Ritter 

Program  Director,  ECLIPS,  Ohio  Supercomputer  Center  and 

Chair,  American  Bar  Association  Committee  on 

the  Law  of  Commerce  in  Cyberspace 

before  the 

House  Subcommittee  on 

Domestic  and  International  Monetary  Policy 

"The  Future  of  Money" 

June   11,   1996 

Mr.  Chairman,  and  Members  of  the  Subcommittee,  I  would  like  to  thank  you  for 
inviting  me  to  testify  with  respect  to  some  of  the  international  implications  of 
electronic  commerce  and  currency,  the  prospects  for  transnational  industry  self- 
regulation  and  the  importance  of  commercial  law  to  facilitating  the  evolution  of 
the  new  payment  technologies.  It  is  vital  to  the  development  of  a  global 
electronic  marketplace  for  commerce,  and  for  consumers,  that  these  issues  be 
considered  with  the  pro-active  leadership  which  these  hearings  represent. 

The  Misnomer  of  Electronic  Cash 

Allow  me  to  offer  the  proposition,  articulated  with  clarity  by  Joel  Kurtzman  in  The 
Death  of  Money,'  that  the  electronic  networks  and  computers  which  are  the 
infrastructure  for  the  current  global  financial  community  have  been  instrumental 
in  the  decline  of  national  control  over  money.  Indeed,  Professor  Kazuaki  Sono 
(who  formerly  chaired  the  United  Nations"  effort  to  define  a  legal  framework  for 
global  electronic  funds  transfers)  observed  in  1995  that  the  traditional  role  of 
money  as  a  measure  of  value  has  been  lost  at  the  global  scale."  The  Bretton 
Woods  agreement  in  1944  sustained  monetary  stabihty  for  nearly  30  years  by 
assuring  that  the  value  of  national  currencies  was  related  to  the  scarcity  of  the 
resource;  only  in  that  manner  could  the  national  notes  used  as  legal  tender  be 
meaningful  obligations  of  the  issuing  governments.  Of  course,  while  Bretton 
Woods  remained  effective,  the  U.S.  dollar  was  the  controlling  measure  of  value 
for  any  national  currency,  linked  to  the  fixed  exchange  rate  of  $35  dollars  per 
ounce  of  gold. 

In  1971.  President  Nixon's  determination  to  terminate  the  fixed  exchange  rate 
was  the  first  step  in  a  series  of  developments  that  set  the  stage  for  the 
introduction  into  commerce  of  the  new  payment  mechanisms  represented  by  the 
companies  whose  executives  join  me  today  in  testifying.  Indeed,  President 
Nixon's  announcement;  the  development  of  a  floating  exchange  rate  system;  the 
emergence  of  electronic  funds  transfers;  and  the  maturation  of  network-based 
global  markets  for  financial  arbitrage,  derivatives  and  hedges  is  a  compelling 
sequence  of  steps  toward  the  evolution  of  a  different  notion  for  defining  value. 
Today,  even  in  the  absence  of  the  new  payment  mechanisms,  we  tolerate  and 
sustain  daily  global  speculation  in  trying  to  determine  the  value  of  money.    The 


'  Kunzman,  The  Death  of  Money:  How  the  Electronic  Economy  has  Destabilized  the  World's  Markets  and 

Created  Financial  Chaos  (Simon  &  Schuster,  New  York,  1993). 

"  Sono,  "Electronic  Funds  Transfer  Blurs  the  Meaning  of  Money",  2  The  DataL^w  Report  1  (May  1995). 
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U.S.  dollar,  and  perhaps  any  national  currency  that  is  the  subject  of  foreign 
exchange,  has  become  a  volatile,  mercurial  and  wholly  electronic  instrument.' 

For  the  consumer,  the  declining  meaning  of  national  currencies  as  a  measure  of 
value  has  been  reflected  by  the  emergence,  without  any  significant  social 
upheaval,  of  a  new  payment  mechanism.  We  have  been  willing  to  change  what 
we  offer  in  satisfaction  of  the  payment  obligation  that  is  part  of  every  purchase 
contract.  We  used  to  believe,  with  legal  tender  in  hand,  that  a  payment  obligation 
could  only  be  satisfied  with  U.S.  dollars.  However,  today,  whether  by  letter  of 
credit,  check,  by  telephone,  through  Checkfree,  or  with  our  debit  cards,  we  now 
offer  to  satisfy  the  payment  obligation  of  the  buyer  not  with  money  but  with  the 
transfer  to  the  seller  of  the  legal  obligation  of  a  buyer's  bank  to  pay  cash  from  the 
account  of  the  buyer  to  the  order  of  the  seller.  TTius,  it  is  the  good  credit  of  the 
issuer  of  the  check  or  the  card  which  is  tendered,  not  legal  tender,  which  is  the 
mechanism  of  payment.  This  is  a  vital  development  which  is  a  precursor  to  how 
we  consider  putting  in  place  the  requisite  legal  structures  for  the  new  payment 
mechanisms. 

Recently,  the  American  Bar  Association  Section  of  Business  Law  Task  Force  on 
Stored  Value  Cards  has  undertaken  to  prepare  an  analysis  of  the  commercial  law 
issues  associated  with  stored  value  cards  and  e-cash."*  Their  study  of  the 
commercial  legal  environment  emphasizes  that  the  new  technology-based 
payment  mechanisms,  many  of  which  have  been  introduced  to  this  Subcommittee 
today,  are  indeed  quite  consistent  with  the  long  tradition  of  substituting  for  legal 
tender  the  transfer  of  the  legal  obligation  of  another  to  make  payment.  Indeed, 
examining  the  legal  concept  of  payment,  the  Task  Force  has  emphasized  that 
satisfying  the  payment  obligation  with  such  mechanisms  does  not  involve 
"money",  as  such  term  is  defined  under  the  Uniform  Commercial  Code— the  new 
products  are  not  "a  medium  of  exchange  authorized  or  adopted  by  a  domestic  or 
foreign  government."^  Consistent  with  Federal  law,  since  such  products  are  not 
United  States  coins  or  currency,  they  are  also  not  legal  tender.^ 

Thus,  in  considering  new  electronic  payment  mechanisms,  we  are  reminded  that, 
for  deliberating  upon  the  future  of  money,  there  are  important  attributes  in  the 
definitions  of  "money"  and  "legal  tender"  which  are  absent  from  these 
products.  Moreover,  in  the  United  States,  as  the  Task  Force's  draft  report 
concludes,  the  commercial  viability  of  the  current  payment  systems  in  which  bank 
credits  are  transferred  in  satisfaction  of  the  payment  obligation  finds  its  strength 
within  a  mature,  comprehensive  private  system  of  rules,  relationships  and  contract 
structures  among  financial  institutions,  their  customers  and  their  networks  (such 
as  NACHA).  These  systems,  and  the  payment  obligations  of  each  transaction,  are 
a)  underwritten  by  an  environment  in  which  the  bank  credits,  measured  in 
national    currency,    are   themselves    insured    and    regulated    by    the    Federal 


'  Kurtzman,  note  1  supra. 

'  "A  Commercial  Lawyer's  Take  on  the  Electronic  Purse",  Second  Discussion  Draft  dated  May  20,  1996 

was  the  subject  of  a  drafting  meeting  held  in  late  May.  The  Task  Force  on  Stored  Value  Cards  hopes  to 

publish  the  final  version  of  their  report  in  August. 

'  Uniform  Commercial  Code,  Section  1-201  (24). 

'31  U.S.C.  5103. 
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government  and  b)  confirmed  by  the  adoption  in  the  early  1990s  of  Article  4A  of 
3ie  Uniform  Commercial  Code. 

Such  is  clearly  not  the  case  with  the  new  payment  mechanisms.  For  the 
consumer,  critical  and  significant  questions  exist.  What  now  appears  clear  is  that 
the  use  of  these  mechanisms  in  attempting  to  discharge  a  payment  obligation  with 
stored  value  or  some  form  of  electronic  cash  is  no  different  than  the  earliest 
occasions  on  which  bank  credits  were  offered  as  payment~i.e.,  it  is  the  credit  of 
the  issuer  of  the  mechanism  that  is  tendered  to  discharge  the  payment  obligation. 
And,  in  that  respect,  the  situation  is  no  different  than  when  the  railroads  and 
banks  of  this  nation  issued  and  circulated  their  own  private  notes  as  payment 
mechanisms—their  value  in  the  market  is  solely  a  function  of  the  creditworthiness 
of  the  issuer. 

It  is  possible,  of  course,  for  transactions  to  result  in  the  buyer's  debt  being 
discharged.  Since  they  are  not  money  nor  legal  tender,  perhaps  the  best  future 
for  these  new  payment  products  is  to  consider  them  as  possible  "currency".  By 
definition,  "currency"  may  be  any  medium  of  exchange  that  is  passed  through  a 
series  of  continuous  transactions.  The  question  to  analyze,  not  a  new  issue  in 
history,  is  the  role  of  government  in  regulating  the  emergence  of  new 
"currencies"  seeking  to  earn  a  place  in  the  market. 

I  would  submit,  as  with  the  existing  non-money  payment  mechanisms,  the 
suitability  of  a  new  "currency"  for  discharging  the  debt  obligation  in  connection 
with  a  sale  of  goods  or  services  will  be  measured  by  the  same  standards  of  the 
present  market.  Success  will  be  a  function  of  the  degree  to  which  a  connected 
network  of  commercial  arrangements  have  been  developed  defining  the  method 
of  discharge,  the  recourse  if  the  discharge  proves  to  be  rejected  by  an  issuer  and  a 
means,  perhaps,  for  verifying  the  credit  availability  of  the  party  tendering  the 
payment.  Those  types  of  contracts  and  relationships  find  their  foundation  in  the 
fabric  of  commercial  law.  As  well,  and  perhaps  more  importantly  to  their  success, 
the  surviving  new  "currencies"  must  be  accompanied  by  the  evolution  of  well- 
recognized  commercial  practices  that  provide  a  framework  for  their  scalability 
into  the  global  marketplace. 

Here,  then,  is  a  differing,  perhaps  more  sobering  perspective  on  these  new 
payment  mechanisms,  particularly  with  a  view  toward  their  utility  in  facilitating 
international  trade  transactions,  including  those  by  consumers: 

•    The  new  stored  value  and  electronic  cash  products  are  not  money  and 
they  do  not  represent  the  use  of  legal  tender. 

•  Absent  a  change  in  Federal  law,  no  seller  is  required  to  accept 
these  products  as  discharge  of  the  payment  obligation. 

•  The  new  cashless  products  lack  the  attributes  of 
creditworthiness  or  predictable  value  with  which  a  true 
substitute  for  money  might  find  its  measure. 
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•  The  products  offer  no  fundamentally  innovative  element— they  merely 
provide  a  different  non-money  means  of  discharging  a  payment 
obligation;  they  lack  the  complex,  integrated  systems  of  rules, 
underwriting  and  means  of  calculating  finality  of  payment  that  are 
essential  to  the  evolution  of  a  meaningful  alternative  to  the  use  of  legal 
tender  for  payment. 

•  The  products,  though  technologically  innovative,  are  radically 
inconsistent  in  the  manner  in  which  they  have  anticipated  the  realities 
of  how  payment  obligations  are  considered  under  commercial  law. 
Survival  in  the  market  will  be  largely  determined  by  their 
responsiveness  to  the  need  to  be  linked  to  those  realities. 

However,  the  development  of  electronic  payment  mechanisms  is  vital  to  fostering 
the  potential  of  the  global  electronic  marketplace.  Facilitating,  as  part  of  an 
integrated  domestic  and  monetary  pohcy,  the  evolution  of  competitive 
alternatives  can  also  be  endorsed.  As  consumers  abandon  money  in  favor  of 
bank  credits,  there  should  be  a  willingness  to  endorse  the  further  competitive 
introduction  of  new  payment  mechanisms.  But  the  need  for  a  uniform  commercial 
law  construct  is  apparent.  Whether  that  framework  evolves  as  a  matter  of  law- 
making, or  through  effective  industry  self-regulation,  is  not  as  important  as 
challenging  the  new  technologies  and  their  providers  to  integrate  into  the 
development  process  the  formulation  of  the  business  practices  and  legal  norms 
that  are  essential  to  earning  consumer  confidence. 

Equally  compelling  is  to  affirm,  as  with  the  existing  bank  credits  payment  system, 
that  our  national  currency  remains  important  as  a  foundation  of  our  confidence  in 
the  bank  credits  themselves.  Although  the  meaning  of  money  as  authorized  legal 
tender  may  be  difficult  to  define  with  precision,  there  is  no  question  that  the 
indirect  capability  of  each  transaction  to  trace  its  value  back  to  the  obligations  of 
the  nation  state  represented  by  the  U.S.  dollar  is  vital  to  consumer  confidence  in 
those  bank  credits.  The  same  need  is  likely  to  exist  for  the  global  markets  of 
electronic  commerce:  both  for  consumers  and  for  the  national  central  banks' 
management  of  their  economies,  national  monies  must  maintain  their  relevancy. 

The  Need  for  "Currency"  in  International  Trade 

When  considering  the  potential  of  the  Internet  and  the  World  Wide  Web  to 
sustain  global  business,  it  is  essential  to  emphasize  the  potential  power  of  the 
consumer  to  pursue  and  seek  to  execute  the  purchase  of  goods  or  services  from 
virtually  any  location  in  the  world.  In  those  transactions,  conducted  entirely 
electronically,  what  will  be  vital  is  that  we  evolve  proactively  a  certain  uniformity 
in  the  options  available  for  discharging  the  payment  obligation.  The  challenge  is 
to  assure  that,  as  substitutions  for  money,  the  global  community  has  confidence  in 
the  meaning  and  definition  of  the  alternatives. 

Stored  value  and  electronic  cash  are  fundamentally  important  to  this  challenge. 
Responding  to  the  combined  realities  that  a)  the  money  of  any  national  currency 
has  no  predictable  value  and  b)  many  credit  payment  systems,  including  that  of 
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the  United  States,  have  not  yet  evolved  to  allow  for  the  cross-border  recognition 
of  the  credits  of  non-domestic  banks,  commerce  on  the  Net  demands  some 
mechanisms  of  payment  which  are,  at  least  arguably,  independent  of  the  existing 
banking  network.  In  addition,  the  capacity  of  the  Net  to  provide  secure  payment 
mechanisms  to  the  consumer  for  small  transactions  is  indispensable  to  the 
realization  of  consumer  participation  in  the  electronic  marketplace.  These 
mechanisms,  and  the  next  generations  which  have  not  yet  been  invented,  provide 
portable  access  to  the  digital  contract  structures  which  are  the  essence  of  doing 
business  on  the  Net.  Scalable  to  the  global  market,  and  capable  of  being  accepted 
through  nearly  instantaneous  means  of  verifying  the  creditworthiness  of  the 
obligation,  these  new  mechanisms  offer  considerable  potential  for  achieving 
progress  in  the  marketplace. 

What  must  be  considered  still  is  the  bundle  of  policy  issues  associated  with 
facilitating  trade  growth,  particularly  in  promoting  the  future  of  electronic 
commerce,  with  the  introduction  of  payment  mechanisms  which  are  independent 
of  the  existing  infrastructures.  We  considered  the  same  situation  in  assessing  the 
suitability  in  commerce  of  private  notes  issued  by  railroads  or  by  different  state 
banks.  In  Europe,  the  situation  is  little  different  than  the  one  considered  in 
formulating  the  solution  of  the  European  Currency  Unit. 

Globally  we  now  face  similar  circumstances:  there  is  a  tremendous  range  of 
national  monies,  bank  credit  systems  or  new  payment  mechanisms  from  which  the 
consumer  may  choose.  However,  for  the  potential  of  Internet  business 
transactions,  governments— pressured  to  facilitate  rather  than  serve  as  barriers- 
must  nevertheless  take  into  account  the  consumer  need  for  both  predictability 
and  safety  in  the  marketplace.  The  challenge  is  not  to  suppress  alternative 
payment  mechanisms,  but  to  encourage  their  competitiveness,  both  with  legal 
tender  and  with  existing  alternative  payment  systems  (such  as  travelers  checks  or 
certain  credit  cards),  by  providing  a  predictability  in  their  value. 

I  wish  to  also  endorse  the  need  to  consider  the  proper  and  legitimate  importance 
of  taking  account  of  the  needs  of  government,  particularly  for  monitoring  the 
flow  of  goods  and  services  across  national  boundaries.  It  is  essential  that,  for  the 
purposes  of  facilitating  international  trade,  we  define  the  principles  of 
jurisdictional  nexus  and  sustain  the  continued  capacities  of  governments  to 
legitimately  collect  the  duties,  taxes  and  fees  which  are  vital  sources  of  revenue 
for  sustaining  essential  government  services  in  supporting  more  open  market 
policies. 

Thus,  for  the  consumer  to  participate  in  international  trade,  in  order  for  electronic 
commerce  to  expand  to  its  full  potential,  we  must  recognize  that  the  payment 
obligation  of  every  transaction  requires  attention.  Trade,  particularly  for  the 
consumer,  requires  a  "currency"— a  medium  of  exchange  which  can  be 
exchanged  in  continuous  transactions.  Today,  in  the  paper  environment  of 
national  monies,  there  is  little  question,  despite  abandonment  of  the  Bretton 
Woods  accord,  the  $100  bill  is  the  currency  of  international  transactions.  But  the 
Net  requires  a  different  solution— diversity  in  the  mechanisms  of  payment  can  be 
encouraged,  but  only  if  the  underlying  legal  frameworks  provide  predictability  as 
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to  the  value  of  the  payment  and  the  finahty  of  the  discharge  of  the  payment 
obHgation. 


The  Importance  of  UN/EDIFACT 

Beginning  in  1986,  under  the  auspices  of  the  United  Nations  and  the 
International  Standards  Organization,  a  monumental  effort  has  proceeded  forward 
to  deliver  to  the  future  of  international  electronic  commerce  the  tools  required  to 
allow  our  computers,  our  networks  and  our  technology  devices  to  sustciin  the 
potential  of  an  open,  electronic  world  marketplace.  These  activities,  now  being 
sustained  by  governments  and  companies  from  all  of  the  continents  of  the  world, 
have  produced  a  remarkable  result:  a  uniform,  digital  language  which  allows  all 
buyers  and  all  sellers  to  conmiunicate  the  information  required  to  do  business 
regardless  of  the  native  language  of  the  parties.  Using  comprehensive  dictionaries 
of  standard  codes  and  syntax,  commercial  and  governmental  parties- 
manufacturers,  transporters,  bankers,  insurers,  and  their  administrative  colleagues 
in  tax,  licensing,  customs— can  exchange  the  required  information  and  execute 
and  perform  the  series  of  contracts  which  are  part  of  any  international  trade 
transaction. 

Known  as  UN/EDIFACT,  which  is  an  acronym  for  electronic  data  interchange  for 
administration,  commerce  and  transport,  we  now  have  available  a  harmonized, 
single  tool  which  can  support  global  electronic  commerce.^  UN/EDIFACT 
continues  to  gain  in  its  depth  and  its  adaptability-the  European  Union  has 
previously  stated  that  the  successful  integration  of  UN/EDIFACT  will  be  one  of 
their  highest  priorities  for  facilitating  the  internal  market  growth  of  Europe.  In  the 
United  States,  the  National  Institute  of  Science  and  Technology  has  endorsed 
UN/EDIFACT  as  an  acceptable  standard  for  structuring  all  electronic  data 
interchange  applications  of  this  government.  Indeed,  the  use  of  UN/EDIFACT 
has  been  made  a  matter  of  national  law  in  some  countries. 

Whether  used  in  private  networks  or  across  the  Internet,  UN/EDIFACT  is  the 
emerging  public  standard  of  trade.  It  permits  both  companies  and  consumers  to 
work  on  a  screen  in  their  language  of  choice,  but  allows  the  computers  and  the 
networks  to  automatically  translate  and  process  the  communications  in  the 
background.  UN/EDDFACT  provides  predictability  and  it  provides  certainty— 
these  are  essential  attributes  to  facilitating  the  continued  growth  of  the  future  of 
electronic  commerce. 

At  first  glance,  the  significance  of  UN/EDIFACT  and  its  rapid  development  to  the 
future  of  money  may  not  be  fully  appreciated.  However,  UN/EDIFACT  has 
confirmed  that,  when  considering  the  existence  of  different  private  and  national 
standards  for  formatting  the  "front-end"  of  trade  communication  (the  payment 


'  UN/EDIFACT  has  been  developed  under  the  auspices  of  the  United  Nations  Economic  Commission  for 
Europe  Working  Party  on  the  Facilitation  of  International  Trade  Procedures.  Significant  materials  regarding 
the  Working  Party  and  its  activities  may  be  found  on  the  World  Wide  Web  at 
http://www.unicc.Org/unece/trade/facil/wp4_tor.htmandhttp://www.unicc.org/unece/trade/trade_h.htm. 
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being  the  "back-end")  the  global  communities  of  business  and  government  can 
effectively  and  successfully  develop  solutions  for  electronic  commerce  which 
evidence  the  necessary  quahties  of  predictability  and  certainty.  Faced  with 
diversity  in  the  availability  of  the  different  mechanisms  for  automating  business 
communication,  the  international  trade  community,  pursuing  an  open  market  for 
electronic  commerce,  has  nevertheless  forged  a  common  framework  of  the  tools 
and  processes  required  for  executing  business  transactions  on  the  Net. 

Moreover,  history  indicates  that  the  private  sector  (which  has  provided  much  of 
the  sweat  equity  toward  the  development  of  UN/EDIFACT)  can  demonstrate  an 
awareness  of,  and  accomodate,  the  needs  of  government  in  developing 
technology  solutions  for  electronic  commerce.  Indeed,  the  acronym  of 
UN/EDIFACT  evidences  a  rare  partnership—the  tools  were  intended  to  be  used 
equally  by  those  performing  the  administrative  governmental  functions  and  the 
commercial  parties  themselves. 

As  the  global  community  has  been  developing  UN/EDIFACr,  those  active  in  the 
process  have  never  failed  to  value,  and  give  importance  to  the  need  for,  the 
parallel  development  of  defined  business  practices  and  uniform  legal  structures  to 
support  the  execution  of  new  electronic  means  of  executing  business 
transactions.  In  much  of  our  work,  we  have  emphasized  the  need  for  private 
sector  leadership  in  defining  legal  solutions  through  the  development  of  new 
business  practices,  rather  than  relying  upon  national  or  international  law  reform  as 
a  mechanism  for  change.  Our  focus  has  been  consistent:  advocate  for  commerce 
to  set  its  own  rules  and  encourage  government  to  subsequently  confirm  in  law 
the  norms  of  commerce. 

The  Potential  for  Transnational  Self-Regulation 

The  introduction  of  new  payment  mechanisms  requires,  as  an  essential  predicate, 
the  formulation  of  an  integrated  framework  of  commercial  practices  and  rule 
systems  which  will  assure  the  predictability  and  consistency  required  to  foster 
consumer  confidence  in  their  use.  It  is  essential  that  we  foster  a  global 
"currency"  to  sustain  payments  on  the  Net;  it  is  likely  that  we  will  construct  the 
solutions  on  the  underlying  tapestry  of  national  and  regional  monies  and  the 
existing  international  framework  of  banking  and  government. 

To  commit  to  this  objective  requires  a  commitment  by  industry  to  invest  the 
additional  resources  needed  to  bring  to  the  payment  obligation  the  same  type  of 
leadership  and  investment  which  has  been  made  to  formulate  the  global  language 
for  the  contract  and  its  performance  represented  by  UN/EDIFACT.  It  is  possible 
to  overcome  competitive  differences  and  find  the  common  elements  around 
which  predictability  and  consistency  can  be  achieved,  and  to  do  so  in  a 
collaborative  fostering  of  the  requirements  of  government.  The  difficult  is  finding, 
for  the  global  dimensions  of  the  challenge,  a  suitable  global  venue  in  which  to 
foster  the  debate  and  the  accelerate  development  of  appropriate  solutions. 

As  commerce  has  extended  into  other  global  spaces-marine  transport,  air 
transport  and  now  space  itself-much  of  the  international  law  that  now  governs 
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commerce  in  those  spaces  was  crafted  through  the  formulation  of  industry-led 
solutions  subsequently  ratified  as  international  law.  For  the  Net,  perhaps  the  last 
global  space  (and  one  wholly  constructed  upon  privately-owned  infrastructure), 
Sie  lessons  of  history  are  compelling.  Commerce  should,  and  perhaps  must,  take 
the  lead  in  crafting  the  business  practices  and  attendant  legal  structures.  To  do 
otherwise  invites  national  legislative  and  administrative  intervention  which  can 
disable,  through  protective,  uninformed  or  simply  inconsistent  law-making,  the 
potential  of  the  Net  to  serve  as  a  marketplace  for  the  world  accessible  through  the 
power  of  our  computers  and  our  networks.  Uniformity  is  an  essential  aspect  of 
predictability. 

The  challenges  for  electronic  payments  are  no  different  than  for  other  attributes 
of  the  global  information  infrastructure  and  electronic  commerce  as  a  whole.  It  is 
my  pleasure  to  report  upon  an  initiative  underway  to  develop  and  provide  to  the 
global  community  a  methodology  for  developing  solutions  which  takes  account 
of  the  entwinement  of  government  and  commerce,  technology  and  standards,  and 
business  processes  and  law.  Proposed  as  the  Internet  Law  &  Policy  Forum  (the 
"ILPF'),  over  20  multi-national  corporate  stakeholders  in  the  future  of  electronic 
commerce  have  organized  to  establish  a  venue  which  can  serve  as  a  global 
resource  for  education  and  awareness  and  for  coordination  of  the  business  and 
legal  structures  necessary  to  sustain  a  global  electronic  marketplace.^  Most 
importantly,  the  Forum  reflects  a  model  for  law-making  for  the  future,  which 
allows  commerce  its  legitimate  role  in  developing  the  necessary  instruments  of  the 
marketplace. 

The  ILPF  is  a  means  of  providing  to  commerce  a  methodology  for  developing 
suitable  tools  for  achieving  best  business  practices  and  resolving  the  legal  aspects 
of  electronic  commerce  and  internetworking.  The  Forum  is  intended  as  a  global, 
non-governmental  organization  endeavoring  to  produce  uniform  solutions 
acceptable  to  a  global  Intemetworked  community.  Consistent  with  my  remarks 
today,  the  Forum  provides  a  means  by  which  consortia,  industry  groups  and 
governments  can  develop: 

•  uniform  definitions  of  terms  for  commercial  transactions. 

•  model    agreements,   codes    of  conduct    or   other   commercial   terms 
reflecting  industry  standards  for  a  global  space. 

•  model  national  laws  (both  statutory  and  administrative)  as  well  as 
possible  treaties  or  conventions. 

In  addition,  the  ILPF  recognizes  the  need  for  collaboration  with  government  and 
will  endeavor  to  promote  policy  dialogues  and  seek  to  educate  government  on 
emerging  uses,  commercial  practices  and  social  ethics  related  to  global  electronic 
conunerce.  The  Forum's  sponsors  seek  to  facilitate  the  emergence  of  an  efficient 
and  predictable  marketplace  in  which  electronic  commerce  can  advance.' 


'  Additional  information  regarding  the  proposed  structure  of  the  Internet  Law  &  Policy  Forum  is  located  at 

http://www.discovery.org./iltf.html. 

^  The  Subcommittee  staff  has  separately  received  additional  documents  relating  to  frequently  asked  questions 

(and  the  answers)  regarding  the  ILPF  and  its  objectives. 
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In  its  design,  the  ILPF  reflects  the  best  attributes  of  what  succeeds  for  industry 
self- regulation.  It  will  operate  on  a  market-driven  basis,  with  business  discipline, 
requiring  defined  work  products  to  be  produced  against  timetables  and 
committed  financial  budgets.  It  will  emphasize  the  partnerships  between 
technology  and  legal  standards  and  the  necessity  for  informed  dialogue  between 
government  and  the  private  sector.  Today,  the  ILPF  is  endeavoring  to 
demonstrate  its  potential  before  permanent  funding  is  secured  through  the 
execution  of  certain  pilot  projects. 

As  to  the  future  of  money,  the  attributes  of  the  ILPF  and  its  success  in  organizing 
to  date-the  success  of  the  global  business  community  in  facilitating 
UN/EDIFACT~should  be  considered  as  strong  endorsement  for  the  potential  of 
the  financial  community  and  the  broader  commercial  community  to  organize  and 
respond  to  the  need  for  commercial  legal  structures  for  the  new  payment 
mechanisms.  Whether  organized  under  the  proposed  Forum,  or  as  a  collaboration 
among  such  organizations  as  NACHA  or  SWIFT,  what  is  essential  is  to  begin  the 
process  and  to  better  promote  the  competitive  potential  of  the  new  products  by 
facilitating  the  emergence  of  a  global  environment  that  provides  predictability  to 
their  use. 

An  Opportunity  for  Leadership 

One  of  the  challenges  for  the  new  products  remains  the  reluctance  of  national 
central  banks  to  consider  the  emergence  of  non-cash  payment  mechanisms  for  the 
electronic  age.  The  G-7  Working  Group  on  Electronic  Commerce  has  been 
exploring  these  issues;  in  their  hearings  a  number  of  private  banks  have  reported 
the  national  central  banks,  including  Banque  du  France,  Bank  of  England  and  the 
Federal  Reserve  Board  are  in  denial  about  the  impending  changes.  James 
Johnson,  a  private  sector  executive  who  chairs  the  United  States  G-7  negotiating 
team,  has  been  calling  for  more  global  responsiveness.  The  World  Bank  is 
requested  to  add  another  day  to  their  annual  meeting  in  October  to  allow  the 
member  Ministers  of  Finance  to  be  briefed  on  these  same  issues. 

In  the  United  States,  throughout  the  last  half-century,  we  have  demonstrated 
leadership  first  in  providing  money  with  true,  predictable  value  and  second  in 
expanding  the  global  financial  network  to  provide,  among  banking  institutions, 
authentic,  efficient  means  of  transferring  account  deposits.  The  stability  of  our 
national  and  international  financial  environment  reflects  the  success  of  adapting 
payment  mechanisms  to  be  manageable  tools  in  facilitating  the  management  of 
economies  and  monetary  policies. 

For  the  new  age  of  electronic  commerce,  leadership  in  considering  non-cash 
payment  mechanisms,  and  endorsing  the  development  of  commercial  legal 
systems  that  relate  to  the  value  of  national  monies,  will  accrue  continued  benefits 
for  the  global  currency  value  of  the  U.S.  dollar  and  the  accessibility  of  the  U.S. 
market  to  global  trade  opportunities.  Such  leadership  begins  with  collaboration 
and  informed  dialogue,  but  it  would  likely  be  useful  for  this  Subcommittee  to 
consider  focusing  the  attention  of  the  Federal  Reserve  Board  on  the  needs  of 
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global  electronic  commerce  and  fostering  an  environment  in  which  industry- 
driven  resolve  to  advance  self-regulatory  solutions  can  be  encouraged. 

Thank  you  for  your  attention.  I  would  welcome  your  questions  and  comments.'" 


'  Mr.  Ritter  may  be  conucted  atjritter@eclips.osc.edu  or  by  voice  at  614.292.5691. 

10 


198 


mNACHA 

I  ELECTRONIC  PAYMENTS 

I  safe  •  reliable  •  convenient 


The  National 

Automated 

Clearing  House 

Assodation 

607  Herndon  Parkway 

Suite  200 

Herndon,  VA  20170 

Phone:  703/742-9190 

Fax:  703/787-0996 

E-mal: 

admin@nacha.org 


THE  FUTURE  OF  MONEY  IV 


INTERNATIONAL  IMPLICATIONS  OF 
DEVELOPING  ELECTRONIC  COMMERCE  INITIATIVES 


JUNE  11,  1996 


U.S.  House  of  Representatives 

Committee  on  Banking  and  Financial  Services 

Subcommittee  on  Domestic  and  International  Monetary  Policy 


Elliott  C.  McEntee 
President  and  Chief  Executive  Officer 


i 


199 


The  National  Automated  Clearing  House  Association  ("NACHA")  is  pleased  to  be  given  this 
opportunity  to  share  its  views  on  developing  electronic  payment  initiatives,  and  their 
international  implications.  NACHA  is  actively  pursuing  a  number  of  developments  of  interest 
to  this  subcommittee.  We  have  benefitted  greatly  from  the  three  preceding  hearings  in  this 
series  on  the  "Future  of  Money"  and  NACHA  applauds  the  subcommittee's  efforts  to  explore 
the  public  policy  implications  associated  with  developments  in  electronic  money.   NACHA 
also  supports  the  view  that  Congress  should  refrain  from  pursuing  an  active  legislative 
approach  to  rulemaking  in  these  areas  at  this  time. 

The  National  Automated  Clearing  House  Association 

NACHA  is  a  nonprofit  association  owned  by  the  banking  industry  that  promulgates  the  rules  and 
operating  guidelines  for  electronic  payments.  For  example,  we  developed  the  rules  for  automated 
clearing  house  ("ACH")  transactions  such  as  direct  deposit  of  payroll,  direct  payment  and 
electronic  data  interchange  ("EDF')  transactions.  NACHA's  membership  includes  38  regional 
ACH  associations  and  their  13,000  financial  institution  members.  The  ACH  Network  serves  more 
than  500,000  companies  and  over  50  percent  of  all  households.  Last  year,  3.5  billion  payments 
were  processed  through  the  ACH  Network  totaling  1 1  trillion  dollars. 

NACHA's  mission  is  to  provide  benefit  to  its  members  and  other  payments  system  stakeholders; 
and  to  be  the  leader  in  the  ACH  and  a  recognized  leader  in  the  development,  promotion  and  use 
of  electronic  solutions  to  improve  the  payments  system    In  fulfilling  this  mission,  NACHA 
publishes  educational  materials  and  provides  access  to  its  website  on  the  Internet    Our  education 
programs  include  an  annual  payments  conference  and  an  international  ACH  conference  (given  in 
the  Spring),  administration  of  the  Payments  Institute  (Summer),  and  a  number  of  conferences 
focussing  on  specific  payments  issues.  One  such  conference  is  CyberPayments  '96  to  be  held  in 
Dallas,  TX  on  June  18-19,  1996. 

As  a  consensus-builder  for  the  banking  industry  and  its  constituents  in  the  area  of  electrorjic 
payments,  NACHA  administers  a  number  of  membership  programs  and  councils  to  address 
specific  payments  system  development  needs.  These  include  an  Affiliate  Membership  Program  for 
non-financial  institution  users  of  the  payments  system,  the  Bankers  Electronic  Data  Interchange 
("EDI")  Council,  the  Bill  Payment  Council,  and  the  Electronic  Check  Council.  Three  other 
NACHA  councils  are  addressed  in  more  detail  below.  Finally,  NACHA  is  affiliated  with  the 
National  Organization  of  Clearing  Houses  and  the  National  Council  for  Uniform  Interest 
Compensation,  which  address  primarily  check  processing  and  wire  transfer  issues  respectively. 

National  ACH  Operating  Rules  Developed 

NACHA  takes  pride  in  its  ability  to  bring  together  payments  system  stakeholders  in  the 
development  of  private-sector  rules  and  operating  conventions.  In  1974,  NACHA  was  created  to 
coordinate  the  exchange  of  ACH  items  throughout  the  country  by  developing  standard  operating 
rules  and  formats.  The  resulting  NACHA  Operating  Rules  pre-date  passage  of  the  Electronic 
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Fund  Transfer  Act.  In  fact,  in  some  areas,  the  NACHA  rules  actually  provide  more  robust 
consumer  protections  than  are  available  under  this  Act  and  its  implementing  regulation. 

The  rulemaking  process  for  the  ACH  Network  is  a  dynamic  one  and  rules  changes  are  developed 
and  implemented  as  circumstances  dictate. 

A  common  purpose  of  all  payments  system  operating  rules  such  as  those  developed  by  NACHA  is 
to  establish  the  rights,  responsibilities  and  liabilities  of  the  various  parties  to  the  processing  of  a 
payment  transaction  governed  by  the  rules.  Under  payments  system  rules,  a  party  to  a  transaction 
provides  certain  warranties  to  its  counterparty(ies)  to  the  transaction  in  accordance  with  pre- 
defined requirements.  In  exchange  for  these  warranties,  settlement  of  the  payment  transaction 
may  be  assured,  thereby  reducing  the  risk  borne  by  all  parties  to  the  transaction. 

Electronic  Benefits  Transfer  Program  Operating  Rules 

It  was  only  a  few  years  ago  that  electronic  benefits  transfer  ("EBT")  was  such  an  infant  mode  of 
benefits  delivery  that  progress  was  tracked  by  the  number  of  states  merely  studying  its  potential. 
Now,  in  1996,  EBT  is  growing  rapidly  as  a  more  efficient  and  inexpensive  means  of  benefits 
delivery  in  all  its  forms. 

Contributing  to  the  expansion  of  successfiil  EBT  programs  will  be  the  recent  approval  by 
NACHA' s  EBT  Council  of  the  first  set  of  operating  rules  that  provide  a  fi^amework  for 
nationwide  EBT.  These  rules  resulted  fi^om  the  interaction  of  state  and  federal  agencies,  issuing 
and  acquiring  financial  institutions,  bank-owned  networks,  and  the  merchant  community.  Over 
forty  states  participated  in  the  rulemaking  effort,  either  directly  or  through  consortia  that  have 
joined  the  Council. 

Now  that  national  operating  rules  for  EBT  have  been  approved,  the  activities  of  the  EBT  Council 
are  focused  on: 

•  Maintaining  and  updating  the  operating  rules  to  reflect  innovations  in  EBT; 

•  Continuing  to  provide  a  forum  for  the  communication  and  exchange  of  EBT-related 
information  for  stakeholders;  and, 

•  Acting  as  an  information  resource  for  research  and  fi^aud  control  activities. 

Public  and  Private  Sector  Partnership 

NACHA' s  rulemaking  fimction  has  been  embraced  by  Federal,  state  and  local  government 
agencies  in  the  areas  of  tax  payments,  benefit  payments,  vendor  payments  and  direct  deposit.  In 
addition,  we  have  assisted  government  agencies  in  developing  and  implementing  electronic  tax, 
child  support,  and  health  care  payment  practices.  NACHA  will  also  be  working  closely  with  the 
Social  Security  Administration,  the  Treasury  Department's  Financial  Management  Service,  and 
the  Federal  Reserve  System  to  facilitate  implementation  of  the  recently  enacted  EFT  Expansion 
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Act.    As  part  of  the  Deficit  Downpayment  Act  of  1996,  this  new  legislation  will  result  in  millions 
of  dollars  in  savings  to  taxpayers  by  mandating  that  all  federal  payments  be  made  electronically  by 
1999. 

International  Operating  Rules 

Expansion  in  world  trade  doubles  every  five  years  and  there  is  a  need  for  a  safe,  convenient 
payment  mechanism  to  handle  the  types  of  transactions  not  conducive  to  wire  transfers  or  debit 
and  credit  card  transactions.  In  1993,  the  Cross-Border  Council  was  established  for  the  purpose 
of  developing  a  framework  for  the  efBcient  exchange  of  cross-border,  batch  oriented  electronic 
corporate  and  consumer  payments.  The  goal,  as  represented  by  the  Cross-Border  Payment  Rules, 
is  to  establish  a  set  of  principles,  operating  rules  and  standards  to  which  participants  agree  in 
order  to  effect  electronic  cross-border  payments.  These  rules  fill  a  gap  by  enabling  widespread 
origination  and  receipt  of  electronic  payments  like  ACH  entries  across  national  borders  through 
uniformity  and  process  standardization. 

In  recognition  of  the  priorities  imposed  by  the  North  American  Free  Trade  Agreement 
("NAFTA"),  the  Cross-Border  Council  has  focused  its  efforts  on  facilitating  electronic  payments 
between  parties  in  the  United  States,  Canada  and  Mexico  [see  Appendix  I].  So  far,  the  rules 
approved  by  the  Council  address  payments  between  the  U.S.  and  Canada,  and  the  plan  is  to 
involve  Mexico  by  year-end.  The  Cross-Border  Council  has  taken  a  phased  implementation 
approach  to  ensure  that  interaction  between  participants  is  thoroughly  tested  before  opening 
payment  exchange  to  broad-based  participation.  Phases  I  and  II  encompass  the  bi-directional 
exchange  of  business-to-individual  and  business-to-business  credit  payments  between  participants 
in  the  U.S.,  Canada,  and  Mexico.  Phase  III  is  still  under  development  and  is  targeted  for 
completion  by  early- 1997.  This  phase  will  expand  the  payment  types  supported  to  include  the 
exchange  of  financial  EDI  payments  (U.S.  doUarAJ.S.  dollar  and  U.S.  dollar/Canadian  dollar) 
between  the  U.S.  and  Canada,  and  debit  payments  among  all  three  countries. 

The  framework  established  by  the  Cross-Border  Payment  Rules  will  allow  universal  access  by 
U.S.  financial  institutions,  companies  and  residents  to  safe,  efficient  and  relatively  inexpensive 
electronic  payments  across  these  countries'  borders.  From  the  beginning,  the  rules  development 
process  recognized  the  need  to  preserve  existing  domestic  payment  system  rules  in  the 
participating  countries  and  this  has  been  accomplished    The  framework  established  by  the  cross- 
border  rules  is  capable  of  handling  all  forms  of  recurring  payments  such  as  payroll,  annuity  and 
pension  payments;  consumer  bill  payments  such  as  insurance  premiums,  magazine  subscriptions 
and  travel  expenses;  and  commercial  trade  payments. 

Looking  beyond  NAFTA,  other  countries  can  be  accommodated  as  implementation  of  the  cross- 
border  rules  advances  in  North  America.  To  facilitate  this  evolution,  NACHA  has  been 
consulting  with  a  number  of  central  bank  and  private-sector  ventures  around  the  world    The 
ultimate  objective  is  to  provide  a  global  framework  so  that  any  U.S.  company  or  financial 


The  Future  of  Money:  International  Implications  Page  3 


202 


institution,  regardless  of  size,  may  initiate  and  receive  non-wire  electronic  payments 
internationally  with  the  same  ease  and  safety  as  domestic  transactions  —  thereby  enhancing  the 
competitive  posture  of  US  commercial  interests. 

Internet  Commerce 

NACHA  is  starting  to  facilitate  the  development  of  a  more  secure  and  reliable  payments 
environment  with  respect  to  Internet  commerce  through  its  recent  creation  of  the  Internet 
Council.  Studies  show  that  fifteen  to  thirty  million  Americans  now  access  the  Internet  and 
commercial  interests  are  focusing  on  how  to  use  this  widely  accepted  technology  to  sell  hard  and 
soft  goods,  including  information.  Several  hundred  financial  institutions  are  now  accessible 
through  web  sites  and  some  are  beginning  to  make  traditional  banking  services  available  on-line. 
Organizations  committed  to  developing  commercial  uses  of  the  Internet  have  formed  numerous 
consortia  (e.g.,  CommerceNet  and  the  Financial  Services  Technology  Consortium)  to  develop 
technical  mechanisms  and  standards.  At  the  same  time,  new  payment  intermediaries  are  emerging 
in  response  to  consumer  and  merchant  demand  for  safe  access  to  credit  cards,  debit  cards  and 
deposit  accounts.  More  than  30  entities  are  already  involved  in  the  development  of  technologies 
and  payment-related  services  to  support  Internet  commerce. 

Despite  the  large  and  growing  use  of  the  Internet  and  related  commercial  development  efforts, 
current  use  of  this  technology  for  actually  purchasing  goods  and  services  still  represents  only  a 
small  fraction  of  its  full  potential.  Nonetheless,  NACHA  views  the  Internet  as  a  promising  new 
vehicle  for  electronic  commerce  ~  both  domestically  and  internationally  ~  provided  certain 
conditions  are  satisfied. 

Before  wide  public  acceptance  of  the  Internet  as  a  means  to  transfer  value  can  be  guaranteed, 
issues  such  as  data  security,  payment  authorization,  privacy,  risk  management,  and  dispute 
resolution  will  all  need  to  be  addressed  by  the  private-sector.  Additionally,  the  market's  ability  to 
rationalize  business  risk  and  payments  system  settlement  significantly  lags  behind  the  technology, 
though  substantial  progress  is  now  being  made  [see  Appendix  II]    Until  all  these  issues  are 
thoroughly  understood  and  resolved,  consumers,  merchants  and  financial  institutions  alike  will 
lack  the  necessary  levels  of  confidence  to  utilize  the  full  potential  of  the  Internet  as  a  delivery 
channel  for  commerce 

The  Internet  Council  was  established  to  complement  the  efforts  of  the  numerous  Internet-related 
commercial  and  financial  services  technology  development  efforts  and  meet  the  policy  challenges 
associated  with  universal  access  and  acceptance.  The  U.S.  and  global  payments  systems  which 
will  be  used  to  settle  payment  orders  initiated  through  the  Internet  have  only  just  begun 
conducting  impact  analyses.  Traditional  payment  mechanisms  (e.g.  ATM,  credit  card,  ACH 
transactions,  wire  transfers,  etc  ),  as  well  as  those  that  may  be  developed  specifically  for  the 
Internet,  will  be  used  to  clear  and  settle  Internet  commerce  transactions.  To  ensure  that 
commerce  over  the  Internet  is  widely  accepted,  the  payments  system  and  the  Internet  must  have  a 
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strong  unifying  foundation.  Moreover,  because  financial  institutions  are  the  only  entities  with 
direct  access  to  the  payments  system  and,  at  the  same  time,  have  established  monetary 
relationships  with  more  than  90  percent  of  US  households  and  businesses,  it  is  vita!  that  they 
play  an  integral  and  proactive  role  in  the  development  of  commercial  uses  of  the  Internet 

The  Internet  Council's  mission  is  to  develop  risk  management  standards  and  business  practices  to 
ensure  that  the  payments  system  supports  safe  and  secure  Internet  commerce  with  stakeholders 
working  together  towards  the  common  goal.  And,  since  access  to  the  Internet  is  global,  a  critical 
enhancement  to  this  process  will  be  the  groundwork  already  established  by  the  banking  industry 
with  respect  to  cross-border  ACH  transactions. 

«  *  *  *  * 

In  closing,  NACHA  sees  great  promise  in  the  developing  electronic  payment  technologies  that  this 
subcommittee  is  now  addressing  and  we  believe  the  banking  industry's  demonstrated  capacity  to 
address  important  public  policy  requirements  on  its  own  bodes  well  for  ensuring  public 
acceptance  and  protection. 


Visit  NACHA  on  the  Internet  at  Mninv.naclta.org. 
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APPENDIX  I 

FOCUS:  Cross-Border  Payment  Rules 

The  framework  for  originating  business  to  individual  credits  between  the  U.S.  and  Canada  (Phase  I 
of  the  Cross-Border  Council's  goal)  has  now  been  established.  This  document  will  serve  to  outline 
the  highlights  of  the  new  guidelines,  which  will  enable  corporations  to  initiate  and  receive  cross- 
border  payments  between  the  U.S.  and  Canada.   The  Council  has  developed  a  comprehensive 
framework  that  details  the  principles,  rules,  and  standards,  taking  into  consideration  the  aspects  of: 
operations,  settlement,  foreign  exchange,  risk,  standards  and  formats,  legal  and  regulatory,  audit  and 
control,  security,  and  technical  concerns  of  all  the  participants. 

The  Phases  of  the  Council's  work  are  recapped  as  follows: 


PHASE  1 

PHASE  11 

PHASE  III 

Date 

August,  1995 

Targeting  1996 

Targeting 

introduced 

early- 1 997 

Countries 

US  and  Canada 

US,  Canada.  Mexico 

US.  Canada. 

included 

Mexico 

Types  of 

Business  to  individual 

Business  to  individual 

Business  to 

payments 

credits  between  the  U.S. 

credits  between  the  US.. 

individual  debits 

and  Canada 

Canada  and  Mexico, 

between  the  U.S.. 

business  to  business 

Canada  and 

credits  between  the  U.S.. 

Mexico 

Canada  and  Mexico 

Currency 

Fixed  amount  in 

Same  as  Phase  I 

Same  as  Phase  I 

supported 

currency  of  origination, 
variable  amount  in 
currency  of  receipt 

The  goal  of  this  new  payment  mechanism  is  to  interface  directly  with  the  existing  domestic  payment 
system  of  each  participating  country.  This  will  enable  batch-oriented,  electronic  payments  to  be 
made  efficiently  and  cost  effectively. 

The  framework  for  cross-border  payment  exchange  is  based  on  the  concept  of  Gateway  Operators, 
acting  in  each  country  in  two  fundamental  capacities: 

1)  Originating  Gateway  Operator  -  to  receive  payments  from  its  respective  national  payment 
system  and  forward  them  to  a  Receiving  Gateway  Operator  for  the  destination  country. 

2)  Receiving  Gateway  Operator  -  to  receive  payments  from  the  Originating  Gateway  Operator 
and  distribute  them  to  the  financial  institutions  participating  in  its  national  payment  system. 
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In  addition  to  the  receipt  and  transfer  of  entries  (both  forward  and  return),  the  Gateway  Operators 
will  perform  the  functions  of  foreign  exchange  conversion,  format  mapping  and  translation, 
settlement,  and  entry  archiving. 

Following  are  frequently  asked  questions,  designed  to  give  interested  parties  a  better  understanding  of 
the  rules  and  guidelines  required  by  the  Cross-Border  Payment  Rules  to  effect  cross-border  payments. 

•  General 

•  Roles  and  Responsibilities 

•  Procedures  and  Implementation 

•  Glossary  of  Terms 

Frequently  Asked  Questions  ("FAQ") 
General 

1.  What  are  cross-border  payments? 

Cross-border  payments  are  credit  and  debit  payment  instructions  exchanged  electronically  across 
national  borders  to  transfer  value  between  an  Originator  and  a  Receiver. 

2.  Why  are  cross-border  payments  important? 

With  nations'  economies  becoming  increasingly  interdependent  through  trade  and  investment  and  as 
funds  and  j)eople  become  more  mobile  globally,  the  need  to  move  money  across  borders  efficiently, 
securely,  timely  and  inexpensively  intensifies.   For  example,  current  cross-border  traffic  between  the 
United  States  and  Canada  alone  exceeds  more  than  40  million  items  a  year  totaling  over  1.5  billion  in 
US  Dollars.  Various  trade  agreements  (e.g.,  the  North  America  Free  Trade  Agreement  [NAFTA]) 
have  stimulated  the  growth  of  cross-border  payments,  particularly  between  and  among  the  United 
States,  Canada  and  Mexico.  Additionally,  there  is  an  increasing  number  of  retirees  living  across 
borders  who  need  to  receive  recurring  payments. 

3.  Who  are  the  participants? 

There  are  six  key  participants  in  the  cross-border  payments  process.  The  participants  include: 

•  the  customer  originating  the  request  ("Originator"); 

•  the  customer's  financial  institution  referred  to  as  the  Originating  Depository  Financial 
Institution  ("ODFI"); 

•  the  Originating  Gateway  Operator  ("OGO")  which  acts  as  an  intermediary  to  the  receiving 
country; 

•  the  Receiving  Gateway  Operator  ("RGO")  which  receives  the  information  from  the  OGO  and 
acts  as  the  intermediary  in  the  receiving  country; 
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•  the  Receiving  Depository  Financial  Institution  ("RDFI")  which  credits  the  appropriate 
Receiver's  account; 

•  the  organization  or  individual  receiving  the  electronic  funds  transfer  ("Receiver"). 

4.  How  are  cross-border  payments  made? 

Using  the  example  of  transferring  payments  from  the  United  States  to  Canada,  a  customer  sends  its 
ODFI  an  ACH-formatted  file  with  the  transactions  denominated  in  U.S.  dollars  ("USD")  and 
containing  the  cross-border  payment  field  specifications  as  dictated  by  the  Cross-Border  Payment 
Rules.   The  ODFI  transmits  the  entries  in  a  unique  batch  within  an  ACH  file  to  its  ACH  Operator. 
The  ACH  Operator  routes  the  entries  based  upon  the  routing  number  of  the  U.S.  RDFI,  which,  in  the 
case  of  cross-border  entries,  is  also  functioning  as  the  OGO. 

Keying  off  of  the  cross-border  payment  field  specifications,  the  OGO  separates  the  cross-border 
entries  from  domestic  ACH  payments  received  from  its  ACH  Operator  that  are  destined  to  account 
holders  at  its  institution. 

Once  separated  and  settled,  the  cross-border  entries  must  undergo  several  steps  to  be  transferred 
cross  border:  1)  converted  to  Canadian  dollars  ("CAD"),  2)  mapped/translated  into  the  Canadian 
Payments  Association  CPA  005  format,  3)  assigned  a  trace  number  by  the  Canadian  RGO,  4) 
archived  by  both  the  OGO  and  RGO,  and  5)  funds  settled  between  the  OGO  and  RGO. 

Within  the  Canadian  payment  system,  the  entries  will  follow  several  paths  to  reach  the  uhimate 
beneficiaries'  accounts  at  the  RGO,  forwarded  to  smaller  financial  institutions  (Indirect  Clearers) 
having  relationships  with  the  RGO  (Direct  Clearers),  or  cleared  and  settled  through  the  Canadian 
system  with  other  Direct  Clearers  for  crediting  to  Receivers  holding  accounts  with  those  direct 
clearers  or  with  Indirect  Clearers  served  by  those  Direct  Clearers. 

5.  What  payment  applications  can  benefit  from  this  cross-border  payment  process? 

Payment  applications  which  can  benefit  from  this  cross-border  payment  process  include  pension  and 
payroll  disbursements,  expense  account  reimbursements  and  a  variety  of  other  low  value,  higher 
volume  payments  which  are  presently  effected  by  check  and  typically  do  not  require  additional 
information  regarding  the  purpose  of  the  payment,  i.e.,  invoice  number. 

6.  What  are  the  benefits  of  this  cross-border  payment  mechanism? 

The  major  benefits  of  this  cross-border  payment  mechanism  are: 

•  The  efficiencies  of  the  national  payment  systems  afford  predictability  in  the  timing  of 
payments  and  substantially  cut  the  payment  cycle  time  compared  to  paper  checks. 

•  Payments  are  originated  and  received  in  the  national  formats  that  the  participants  are  already 
using,  minimizing  system  modifications. 
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•  Fees  and  charges  may  not  be  deducted  from  the  payment  par  amount  so  that  recipients  are 
assured  they  will  receive  the  full  amount  intended  by  the  Originator. 

•  Receivers  generally  are  provided  with  more  attractive  foreign  exchange  conversion  terms. 

•  Batch-oriented  electronic  payment  systems  should  translate  to  cost-effective  cross-border 
payments. 

•  All  participants  benefit  from  the  improved  reliability,  stability  and  efficiency  of  the  existing 
national  payment  systems  participating  in  this  process. 

•  This  system  makes  access  to  cross-border  payments  universal.  Financial  institutions, 
regardless  of  size,  may  offer  cross-border  payment  origination  services  to  their  customers. 

7.  How  do  I  find  out  more  information  so  that  I  can  begin  making  cross-border  payments? 

To  find  out  more  about  cross-border  payments  and  what  steps  must  be  taken  to  begin  making  them, 
please  contact  your  financial  institution  or  NACHA  at  703/742-9190  (phone);  703/742-8713  (fax); 
"cbc@nacha.org"  (e-mail). 

ROLES  AND  RESPONSIBIUTIES 

8.  What  are  the  roles  and  responsibilities  of  the  participants? 

There  may  be  as  few  as  one  or  several  participants  involved  in  making  cross-border  payments  to  the 
ultimate  receiver.  The  following  section  highlights  the  major  participants  and  their  roles  in 
processing  cross-border  payments. 


Originator 


Originating  Depository 
Financial  Institution 
(ODFI) 


The  Originator  of  an  electronic  payment  is  typically  a  company  with  a  need  to 
trafisfer  funds  to  another  company  or  individual.  The  Originator  is 
contractually  responsible  for  delivering  payment  instructions  to  the  ODFI  in 
the  format  specified  by  the  ODFI.  The  Originator  is  also  obligated  to  pay  for 
credit  transactions  originated.  Originators  engaging  in  the  exchange  of  cross- 
border  payments  must  adhere  to  any  requirements  and  obligations  for  payment 
origination  as  stipulated  by  other  respective  national  payment  systems. 

An  important  role  for  the  Originator  that  participates  in  cross  border  payment 
systems  is  to  be  a  knowledgeable  user.   Although  an  Originator  must  adhere  to 
the  requirements  and  obligations  of  their  respective  national  payment  system, 
they  must  also  be  aware  of  the  requirements,  obligations  and  rights  of  their 
foreign  trading  partners  as  stipulated  by  other  national  payment  systems.  For 
example,  the  time  frames  for  the  returns  may  vary  from  country  to  country.  It 
is  important  for  the  Originator  to  know  the  applicable  return  time  frame  in 
each  country  to  which  the  originator  wishes  to  distribute  entries. 

An  ODFI  is  typically  a  financial  institution  that  has  both  the  ability  to  originate 
electronic  payments  and  is  an  authorized  member  of  its  respective  national 
payment  system  with  full  settlement  capabilities  and  privileges. 
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An  OGO  is  a  payment  system  participant  that  has  entered  into  an  agreement 
with  one  or  more  payment  system  participants  in  one  or  more  other  countries 
allowing  them  to  forward  payments  for  distribution  into  the  national  payment 
system  of  another  country.   The  OGO  is  responsible  for  accepting  payments 
sent  through  its  national  payment  system  that  are  ultimately  destined  to 
accoimts  of  Receivers  in  another  coimtry. 

An  RGO  is  a  member  of  the  Receiver's  national  payment  system  with  full 
capability  and  privileges  for  origination  of  payments  within  that  payment 
system.  An  RGO  is  responsible,  through  contractual  obligations  with  an  OGO, 
to  distribute  payment  entries  that  have  been  originated  in  another  country  into 
the  receiving  national  payment  system. 

An  RDFI  is  typically  a  financial  institution  that  has  both  has  the  ability  to 
receive  electronic  payments  and  is  an  authorized  member  of  its  respective 
national  payment  system  with  full  settlement  capabilities  and  privileges. 
Because  RDFIs  are  passive  participants  in  the  cross-border  process  (they  do 
not  enter  into  agreements  to  receive  cross-border  entries),  the  Cross-Border 
Payment  Operating  Rules  place  no  requirements  on  them.  The  rights, 
obligations,  warranties  and  liabilities  of  an  RDFI  in  the  cross-border  system 
are  as  established  by  its  national  payment  system  rules. 

A  Receiver  is  either  a  corporation  or  individual  who  has  agreed  to  accept 
electronic  payments  through  their  national  payment  system  for  the  purpose  of 
either  paying  funds  to  or  receiving  funds  from  the  Originator. 


9.  What  are  the  liabilities  and  warranties  or  cross-border  Originators  and  Receivers? 

In  order  for  a  payment  network  or  system  to  work,  participants  must  take  on  certain  liabilities  and 
make  certain  warranties  to  other  participants.  Typically,  liabilities  and  warranties  address  such  topics 
as  timing,  payment  authorization,  settlement  and  indemnification.   These  liabilities  and  warranties  are 
designed  to  foster  broader  use  of  a  payment  network  by  offering  protection  to  the  participants. 
However,  with  cross-border  payments,  the  liabilities  and  warranties  may  seem  more  complex  than 
those  of  a  single  country  network  or  system.  The  liabilities  and  warranties  of  Originators  and 
Receivers  are  determined  by  the  rules  and  laws  governing  their  respective  national  payment  systems. 

Procedures  &  Implementation 

10.  How  is  foreign  exchange  effected? 

During  Phase  I  implementation,  cross-border  payments  will  be  originated  for  fixed-value  amounts  in 
the  currency  of  the  Originator's  country  (e.g.,  if  payment  is  originated  in  the  U.S.,  the  denomination 
is  in  USD)  and  received  for  the  variable  or  derived-value  amount  in  the  currency  denomination  of  the 
Receiver  (e.g.,  received  in  Canada  in  CAD).  Either  the  Originating  Gateway  Operator  or  Receiving 
Gateway  Operating,  depending  upon  the  bilateral  arrangements  in  place  between  these  entities,  may 
effect  foreign  exchange  conversion. 
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11.  How  are  Canadian  dollars  sent  to  the  U.S.  and  U.S.  dollars  sent  to  Canada? 

During  Implementation  Phase  I,  transactions  originated  in  the  United  States  and  destined  for  Canada 
will  be  converted  from  USD  to  CAD  by  either  the  OGO  or  the  RGO  before  entering  the  Canadian 
payment  system.   Payments  originated  in  Canada  that  are  destined  for  the  United  States  will  be 
converted  from  CAD  to  USD  before  entering  the  United  States  payment  system.   Subsequent  phases 
may  address  variations  of  this  foreign  exchange  process. 

12.  What  formats  are  used  for  cross-border  payments? 

Cross-border  payments  enter  the  national  payment  system  either  by  the  ODFI  in  the  originating 
country  or  by  the  RGO  in  the  receiving  country  -  in  the  appropriate  national  format  according  to  the 
Cross-Border  Payment  Format  Mapping  &  Translation  Specifications.   For  Implementation  Phase  I,  a 
direct  translation  between  the  NACHA  (U.S.)  and  CPA  005  (Canadian)  formats  will  most  likely  be 
performed  by  the  Gateway  Operators.   Long-term,  the  Council  will  be  adopting  universal  standards 
for  inter-gateway  exchange  to  maximize  efficiency  as  new  countries  and  payment  types  are  added. 
Other  file  formats  may  be  offered  by  the  individual  financial  institution. 

13.  What  are  the  legal  issues? 

In  matters  of  law,  participants  abide  by  the  legal  code  as  defined  by  their  respective  national  payment 
systems.  The  applicable  law  of  the  State  (Country)  of  the  Receiving  Gateway  Operator  governs  the 
relationships  between  Gateway  Operators,  unless  otherwise  amended  by  agreement.  This  is 
consistent  with  the  United  Nations  Commission  on  International  Trade  Laws  (UNCITRAL),  1991, 
Vol.  XXII.   It  is  further  required  by  the  Cross-Border  Payment  Operating  Rules  that  legal  agreements 
be  executed/amended  between  the  various  Participants  to  cover  cross  border  transactions. 

14.  What  are  the  Originator's  obligations  when  making  cross-border  payments? 

The  Originator  must  adhere  to  the  requirements  and  obligations  of  their  respective  national  payment 
system.   It  is  recommended  that  the  Originator  be  knowledgeable  about  the  requirements,  obligations 
and  rights  of  their  foreign  Receivers  since  these  Receivers  are  bound  by  the  rules  governing  their  own 
respective  national  payment  systems. 

15.  What  are  the  procedures  for  returned  items? 

RDFIs  can  return  cross-border  payments  based  on  the  rules  of  their  respective  national  payment 
system.  Gateway  Operators  will  enter  into  agreements  for  processing  procedures  for  items  being 
returned  for  any  reason.  This  would  include  timing,  foreign  exchange,  information  about  the  reason 
for  return,  etc.   The  timing  of  returned  items  will  be  based  on  the  national  payment  system  rules  of 
the  returning  bank,  and  therefore  will  vary  from  country  to  country.   Also,  it  is  important  to  note  that 
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the  foreign  exchange  rate  may  be  different  than  the  rate  used  for  the  original  item;  the  difference  will 
be  absorbed  by  the  Originator  unless  amended  by  agreement  between  the  entities  involved  in 
processing  the  return.   Finally,  the  return  reason  codes  will  have  to  be  translated  by  Gateway 
Operators  from  those  of  the  returning  fmancial  institution  to  those  applicable  to  the  fmancial 
institution  receiving  the  return.   Dishonored  and  Contested  Dishonored  Returns  are  unique  to  the 
U.S.  and  are  not  applicable  to  credit  payments. 

16.  What  are  the  cancellation,  recall  and  reversal  procedures  for  cross  border  entries? 

Cancellation  requests  are  made  prior  to  settlement  of  the  payment  transaction  or  file  asking  that  the 
processing  of  the  cross-border  entry  or  file  be  canceled.  The  cancellation  request  is  passed  on  to  the 
various  parties  involved  in  the  cross-border  payments  flow  as  required.   Cancellation  requests  are 
satisfied  on  a  best  efforts  basis  only;  parties  involved  in  the  cross-border  payments  flow  are  not 
obligated  to  honor  the  request. 

Recall  requests  are  made  after  settlement  of  payment  transactions  asking  that  the  processing  of  the 
cross-border  entry  or  file  be  canceled  and  that  funds  be  returned.  The  recall  request  is  passed  on  to 
the  various  parties  involved  in  the  cross-border  payments  flow  as  required.   Recall  requests  are 
satisfied  on  a  best  efforts  basis  only;  parties  involved  in  the  cross-border  payments  flow  are  not 
obligated  to  honor  the  request. 

Reversals  are  unique  to  the  U.S. -based  ACH  system,  but  since  a  Gateway  Operator  is  obligated  to 
abide  by  its  national  payment  system  rules,  U.S.  Gateway  Operators  will  make  proprietary 
arrangements  for  handling  these  items. 

17.  How  are  difTerences  in  time-zones,  holidays,  etc.  handled? 

Gateway  Operators  will  operate  in  accordance  with  the  holiday  schedule  of  their  national  payment 
system.  They  will  be  required  to  maintain  warehousing  capabilities  to  store  entries  due  to  holidays, 
non-banking  days  and  time- zone  differences.  Entries  with  an  effective  or  value  date  of  a  non-banking 
day  for  the  RDFI  will  be  effected  the  next  banking  day. 

18.  What  is  the  lead  time  for  a  cross-border  payment? 

Depending  on  the  number  of  parties  handling  a  cross-border  payment,  payments  are  originated  1-4 
days  prior  to  the  desired  payment  (or  settlement)  date  in  the  receiving  country.   Originators  should 
confirm  cut-off  times  and  processing  schedules  with  their  ODFIs,  as  availability  of  funds  to  the 
Receiver  will  occur  according  to  the  rules  of  that  national  payment  system. 
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19.  When  are  funds  settled  between  the  financial  institutions? 

Finality  of  settlement  occurs  in  the  national  payment  system  of  the  originating  country  before 
cross-border  transfers  are  made.   Finality  of  settlement  occurs  at  three  points  in  the  following  order: 

1.  in  the  originating  country  according  to  its  national  payment  system  rules 

2.  between  Originating  Gateway  Operator  and  Receiving  Gateway  Operator 

3.  within  the  receiving  country  according  to  national  payment  system  rules 

Settlement  must  occur  between  all  the  parties  before  the  next  step  in  the  cross-border  payment 
process  takes  place. 

20.  When  are  funds  available  to  the  Receiver? 

The  national  payment  system  rules  of  the  destination  country  and  the  Receiving  Depository  Financial 
Institution's  capabilities  govern  matters  of  receipt,  posting  and  funds  availability  to  the  payee. 
Generally  speaking,  once  funds  have  settled  in  the  originating  country,  it  may  take  1-4  days  before 
the  Receiving  Depository  Financial  Institution  receives  the  payment  for  processing  and  posting. 

21.  What  are  the  risks  to  companies  wanting  to  originate  cross-border  payments? 

Today,  the  risks  associated  with  making  cross-border  payments  include  timing  delays,  foreign 
exchange  fluctuation,  and  the  lack  of  a  convenient  mechanism  for  effecting  recurring  payments.  The 
NACHA  cross-border  payment  rules  offers  companies  and  financial  institutions  a  method  for 
processing  cross-border  payments  electronically  while  minimizing  time  delays  and  potential  foreign 
exchange  exposure.  The  most  significant  risk  is  fluctuation  in  the  foreign  exchange  rate  between  the 
time  the  item  is  originated  and  the  time  the  item  is  returned. 

22.  Do  Regulation  E  and  UCC4A  apply  to  cross-border  payments? 

Regulation  E  and  UCC4A  apply  to  U.S.  payments,  and  therefore  will  only  be  applicable  when  cross- 
border  payments  enter  the  ACH  Network  in  the  U.S. 
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APPENDIX  n 


FOCUS:  Internet  Security* 


Barriers  to  Electronic  Commerce 


Safety/Security 


Security  is  one  of  the  greatest  barriers  to  wide-spread  electronic  commerce  through  the  Internet.  In 

order  for  commerce  over  the 

Internet  to  reach  its  full  potential, 

the  environment  must  be  made  safe 

for  the  processing  of  payment 

instructions.   Until  then,  consumers 

and  merchants  will  be  reluctant  to 

utilize  the  Internet  delivery  channel 

for  commerce.  Unrestricted  access 

and  geographic  reach,  the  very 

attributes  that  make  the  Internet 

attractive  as  a  delivery  channel, 

make  it  challenging  from  a  security 

and  payment  processing  perspective. 

Internet  purchasers  and  sellers  may 

not  have  pre-established  physical 

relationships  or  contracts.  Current 

Internet  payment  methods  are  not 

mature  and  many  more  are 

emerging. 


Internet  Server 

Selling  Goods/Svcs 


Consumer 

Payments 


Authentication 

Digital  Signatures/Certificates 


In  the  Internet  world  of  the  "virtual  cash  register,"  every  purchaser  and  every  merchant  looks  the 
same.   Payment  systems  rules  that  protect  consumers  and  businesses  based  on  pre-established 
relationships  and  the  visual  inspection  of  written  signatures  no  longer  work  in  the  virtual  marketplace. 
Consumers  must  be  assured  that  they  are  purchasing  from  a  viable  business,  merchants  must  know 
that  the  consumer  is  authentic,  payment  information  must  be  protected,  and  payment  systems  must  be 
able  to  prove  that  its  customers  created  and  signed  the  payment  order. 

In  an  environment  of  spontaneous  purchases  by  persons  or  entities  previously  unknown  to  the  seller, 
the  authentication  of  the  purchaser  and  the  purchaser's  message  is  critical  to  the  seller  ~  just  as 
important  as  it  is  to  identify  the  signer  of  a  check,  the  user  of  a  credit  card,  and  the  identity  of  a  debit 
card  user. 

To  solve  these  problems,  new  methods  of  authentication  have  been  developed  utilizing  digital 
signatures.  Authentication  is  a  process  whereby  the  receiver  of  a  digital  message  can  be  confident  of 
the  identity  of  the  sender  and  the  integrity  of  the  message.  Traditional  authentication  protocols  are 
based  on  symmetric,  shared-secret  key  systems  such  as  data  encryption  standard  ("DES").  The  new 
digital  signature  technology  is  based  on  the  more  recent  asymmetric,  public  key  systems,  such  as 


Exceipl  from  ^curiiy  and  the  Inumet:  'prepared  for  the  NACHA  Intemel  Task  Force  by  C.  Margaret  Scarborough;  May  14,  1996. 
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RSA,  which  use  public  and  private  key  pairs.  Technologists  consider /Jufc//c  key  systems  to  be  a 
more  effective  means  of  authenticating  purchasers  and  their  messages,  merchants,  and  network 
intermediaries  in  the  new  spontaneous  electronic  commerce  environment.   In  these  systems,  the 
private  key  is  always  kept  private  and  because  secrets  are  no  longer  shared,  they  can  no  longer  be 
compromised. 

Digital  signatures  enable  the  seller  to  fully  authenticate  that  the  message  is  that  of  the  purchaser,  and 

that  the  message  has  not  been  altered.  The  purchaser  creates  an  encrypted  digest  of  the  payment 

message  and  signs  it  with  a  private  key.  The  seller  decrypts  and  verifies  the  message  and  purchaser 

using  the  purchaser's  public  key. 

The  purchaser's  digital  signature 

can  contain  certificates  which  can 

also  be  used  by  the  seller  to 

authenticate  the  purchaser's  public 

key,  thereby  preventing  impostors 

from  purchasing  goods  and  services. 


Use  of  digital  signature  technology 
need  not  be  limited  to  Internet-based 
transactions.  Opportunities  also 
exist  to  solve  security  problems  and 
reduce  losses  of  check,  credit  and 
debit  card  based  transactions  at  the 
point-of-sale,  and  electronic 
payment  messages  through 
proprietary  networks. 


Public  Key  Infrastructure  Needed 
Banking  and  the  Certification  Authority 


Banking  System 


In  order  for  digital  signatures  to 

work  in  a  commercial  environment,  there  must  be  an  infrastructure  to  register,  certify,  and  revoke 
public  keys.   The  need  for  &  public  key  infrastructure  gives  rise  to  an  entity  called  a  Certification 
Authority  ("CA  ").  Compelled  by  brand  protection,  VISA  and  MasterCard  are  establishing  CAs, 
certificate  revocation  lists  ("CRLs"),  protocols,  and  operating  rules  for  digital  signature  use  for  credit 
cards.  They  have  recently  aligned  their  protocols  into  a  single  standard,  the  Secure  Electronic 
Transaction  ("SET").   To  date,  no  other  banking  or  banking-related  entity  has  developed  a  similar 
system. 

Financial  institutions  are  beginning  to  offer  services  directly  through  the  Internet  channel  (e.g. 
deposit  taking,  transfers,  bill  payment,  and  loan  applications)  which  will  require  demand  account 
access  rather  than  credit  card  access.  As  financial  institutions  are  trusted  by  both  consumers  and 
merchants,  a  banking  industry-controlled  CA  and  CRL  infrastructure,  to  register  public  keys  to 
demand  accounts,  could  be  of  significant  benefit  to  the  banking  industry  and  its  corporate  and 
consumer  constituencies.   Furthermore,  a  CA  is  needed  to  register  and  certify  the  public  keys  of 
financial  institutions.   NACHA  is  now  reviewing  with  the  banking  industry  the  proper  role  that 
financial  institutions  should  play  in  issuing  digital  signature  certificates  for  their  customers'  demand 
deposit  accounts. 
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NEW  YORK  CLEARING  HOUSE 

lOO    BROAD   STREET    .NEW   YORK     N    Y    10004 


JOHN   R.  MOHR 

EXECUTIVE  VICE    PRESIDENT 


May  31,  1996 


Mr.  Eugene  A.  Ludwig 
Comptroller  of  the  Currency 
Independence  Square 
250  East  Street,  SW 
Washington,  D.C.   20219-0001 

Re:   Office  of  Foreign  Assets  Control 

Dear  Mr.  Ludwig: 

Thank  you  for  the  opportunity  to  discuss  with  you  matters  of 
interest  to  the  banking  industry,  especially  the  effect  that  the 
activities  of  the  Office  of  Foreign  Assets  Control  ( "OFAC" )  is 
having  on  the  U.S.  banking  industry  and  on  the  broader  interests 
of  the  United  States,  particularly  on  the  status  of  the  dollar  as 
the  world's  reserve  currency,  the  central  role  that  the  U.S. 
payments  mechanism  plays  in  maintaining  that  role,  and  how  OFAC's 
rules  are  affecting  the  U.S.  payments  system. 

The  current  U.S.  payments  system  developed  in  response  to 
the  need  of  financial  institutions  around  the  world  for  safe, 
efficient,  and  low-cost  ways  to  make  payments  in  the  world's 
reserve  currency.   The  dollar  continues  to  enjoy  its  primacy  in 
part  because  the  mechanisms  for  making  dollar  payments  continue 
to  be  the  most  secure  and  efficient  in  the  world.   We  believe 
that  it  would  not  be  in  the  long-term  interests  of  the  United 
States  for  its  government  to  jeopardize  one  of  the  dollar's  most 
important  strengths . 

OFAC's  rules  require  that,  if  a  U.S.  bank  (including 
overseas  offices)  comes  into  possession  of  funds  in  which  a 
person  or  entity  that  is  subject  to  OFAC  sanctions  has  an 
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interest,  the  bank  must  pay  those  funds  into  a  blocked  account 
where  they  must  remain  unless  OFAC  issues  a  license  or  until  the 
sanctions  are  removed  or  title  to  the  funds  vests  in  the  U.S. 
government.   These  rules  affect  not  just  the  banks  holding  the 
accounts  of  the  blocked  entity,  but  banks  that  are  mere 
intermediaries  in  funds  transfers. 

For  example,  a  Venezuelan  bank  making  payment  that  is 
perfectly  legal  under  Venezuelan  law  to  a  Cuban  firm  may  route 
the  payment  through  New  York  if  it  is  a  dollar  payment  because 
New  York  is  where  the  most  efficient  dollar  payment  mechanisms 
are  located.   Any  New  York  bank  that  received  the  payment  order 
would  be  required  to  pay  the  funds  into  a  blocked  account,  report 
the  payment  to  OFAC,  and  inform  the  bank  that  sent  the  payment 
order  that  the  funds  had  been  seized  and  paid  into  a  blocked 
account  and  that,  as  a  result,  the  funds  transfer  could  not  be 
completed.   As  you  can  see,  this  requirement  would  create  strong 
incentive  for  the  Venezuelan  bank  to  avoid  routing  this  kind  of 
payment  through  a  U.S.  bank. 

In  recent  years,  OFAC  sanctions  have  increased  markedly  both 
in  scope  and  impact.   First,  OFAC  has  greatly  expanded  its  list 
of  blocked  persons  and  entities.   In  1992,  there  were  about  500 
blocked  entities  or  persons  on  OFAC's  list;  today  there  are  over 
2,000.   Second,  in  order  to  ensure  compliance  with  the  law, 
reinforced  by  the  possibility  of  OFAC  fines,  many  banks 
(especially  the  large  ones  that  most  frequently  act  as 
intermediary  banks  in  international  funds  transfers)  have 
equipped  their  funds  transfer  processing  systems  with  interdict 
software  that  enables  them  to  catch  a  far  higher  percentage  of 
these  transfers  than  was  possible  in  the  past.   The  inevitable 
consequence  of  these  two  factors  is  a  greatly  increased  incentive 
for  foreign  banks  to  avoid  the  U.S.  payments  system. 
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There  is  a  conunonly  held  myth  that  every  payment  denominated 
in  U.S.  dollars  will  always  pass  through  the  U.S.  payments 
system.   In  fact,  most  dollar  payments  pass  through  the  U.S. 
payments  system  as  a  matter  of  convenience,  not  necessity. 
Dollar  payment  systems  do  exist  off  shore,  and  there  is  no  reason 
why  a  substantial  portion  of  the  transactions  that  are  conducted 
in  dollars  outside  the  borders  of  the  United  States  cannot  be 
settled  through  off-shore  systems.   But  there  are  a  number  of 
reasons  why  this  trend  should  cause  concern. 

To  begin  with,  payments  that  are  made  outside  the  U.S. 
payments  mechanism  are  totally  outside  of  the  scope  of  U.S. 
government  scrutiny  or  control.   Thus,  to  the  extent  that  OFAC  or 
some  other  law-enforcement  agency  needs  information  on  these 
transfers,  it  would  be  in  the  government's  interest  to  keep  these 
transfers  within  the  U.S.  payments  system.   Further,  U.S.  payment 
systems  have  developed  sophisticated  risk-control  measures  that 
protect  banks  and  the  systems  as  a  whole  from  the  possibility 
that  one  or  more  participants  could  fail.   Off-shore  systems, 
especially  those  located  in  countries  with  less  robust  bank 
supervision,  may  lack  some  or  all  of  these  risk-control  measures. 
The  shift  of  payments  volume  to  off-shore  systems  would  therefore 
raise  serious  safety  and  soundness  concerns. 

The  shift  of  dollar  payments  to  off-shore  systems  could  also 
have  significant  monetary  policy  implications  for  the  United 
States.   Any  payment  system  that  handles  large  volumes  must  have 
access  to  liquidity  in  the  currency  (or  currencies)  being 
transferred.   Thus,  one  reason  why  the  largest  dollar  payment 
systems  tend  to  be  located  in  the  U.S.  is  that  the  U.S.  is  home 
to  the  deepest  dollar  credit  markets  and  is  also  where  the 
dollar's  lender  of  last  resort  is  to  be  found.   For  the  same 
reason  yen  payment  systems  tend  to  be  located  in  Tokyo  and 
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sterling  systems  tend  to  be  located  in  London.   Yet  if 
significant  demand  for  large-scale,  off-shore  dollar  payment 
systems  were  to  arise,  the  countries  playing  host  to  such  systems 
might  encourage  the  development  of  dollar  markets  in  their 
countries  that  dwarf  the  current  Eurodollar  markets. 

In  the  future,  payment  systems  will  most  likely  be  designed 
to  handle  multiple  currencies.   With  these  systems  it  becomes 
convenient  to  shift  payments  from  one  currency  to  another.   Put 
another  way,  there  will  no  longer  be  a  compelling  need  to  make 
payments  in  U.S.  dollars  if  the  cost,  inconvenience,  and 
uncertainty  of  dealing  in  dollars  become  too  high.   In  these 
cases,  banks  and  other  parties  making  payments  will  have  strong 
incentives  to  shift  payments  from  dollars  to  other  currencies. 

We  have  received  reports  that  OFAC  regulations  have  begun  to 
be  used  as  a  competitive  weapon  against  the  United  States  and 
U.S.  banks  and  that  some  foreign  banks  are  telling  international 
customers  that  it  is  best  not  to  deal  with  U.S.  banks  because  of 
the  problems  that  could  arise  as  a  result  of  OFAC  regulations. 
We  know  of  at  least  two  multicurrency  systems  that  have  chosen 
London  as  a  base  of  operations  rather  than  New  York  so  that  non- 
U.S.  participants  would  not  become  subject  to  OFAC  regulations. 

At  some  point  it  becomes,  indeed  we  fear  that  it  may  already 
have  become,  worthwhile  to  arrange  transactions  in  a  way  that 
avoids  the  United  States  and  its  banks.   Thus  OFAC's  single- 
minded  pursuit  of  its  own  mission  to  the  exclusion  of  all  other 
considerations  has  reached  the  point  where  it  may  endanger  the 
dollar's  status  as  the  world's  reserve  currency. 

The  dollar's  status  as  the  world's  reserve  currency  provides 
incalculable  benefits  to  the  United  States.   Among  these  are 
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ability  of  the  United  States  to  sell  public  debt  instruments 
denominated  in  dollars  to  a  world  market  and  the  ability  of 
Americans  to  use  dollars  to  buy  oil  and  other  essential 
commodities.   If  the  United  States  were  required  to  sell  its 
public  debt  or  buy  its  oil  in  yen  or  sterling,  for  example,  the 
cost  of  interest  payments  on  the  public  debt  and  the  cost  of  the 
oil  we  use  would  become  subject  to  the  vicissitudes  of  the 
foreign  exchange  markets,  and  the  United  States  would  lose  a 
substantial  degree  of  control  over  these  important  aspects  of  its 
economic  life. 

I  hope  this  letter  gives  you  some  understanding  of  the 
concerns  that  OFAC's  regulations  are  causing  to  the  U.S.  banking 
industry.   If  you  need  more  information,  please  call  me  at  (212) 
612-9235. 

Very  truly  yours. 


JRM:mlr 


{^[lA 
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I.         Introduction 

Thank  you,  Mr.  Chairman.   It  is  a  great  pleasure  to  participate  in  these 
hearings  of  the  House  Banking  Subcommittee  on  Domestic  and  International 
Monetary  Policy  on  the  "Future  of  Money",  a  Congressional  review  of  the  public 
policy  considerations  generated  by  new  technological  developments  in  currency 
and  electronic  commerce.  We  commend  you  for  your  leadership  on  this 
important  subject  and  thank  you  and  Financial  Institutions  Subcommittee 
Chairwoman  Roukema  for  including  an  exemption  from  Regulation  E  for  stored 
value  products  in  the  House  Banking  Comrnittee's  regulatory  relief  bill. 

Founded  in  1850  by  such  legendary  banking  visionaries  as  Henry  Wells 
and  William  Fargo,  American  Express  was  established  to  provide  express 
services  to  the  general  public,  including  the  transmittal  of  goods,  valuables  and 
money  quickly  and  safely  to  their  destinations.   From  this  era  of  the  Pony 
Express  and  strong  boxes  filled  with  gold  to  the  electronic  age  of  the  Internet, 
American  Express  has  responded  to  marketplace  demands  for  innovative 
products  and  services  reflecting  the  needs  of  the  American  public  and  the 
world  traveler.  The  Company's  numerous  contributions  include: 

•  Developing  the  C.O.D.  system  of  delivery,  which  enabled  merchants 
shipping  goods  to  customers  to  have  the  company  collect  their 
payments; 

•  Inaugurating  one  of  the  first  money  order  businesses,  with  an 
ingenious  anti-fraud  payment  product:   Rows  of  figures  were  attached 
to  the  side  of  the  money  order  from  which  the  issuing  agent  tore  off 
down  to  the  purchased  amount,  thereby  making  it  impossible  to  alter 
upward  the  amount  on  the  order;  and, 

•  Issuing  the  first  travelers  cheque.   It  was  designed  specifically  to 
provide  the  traveler  with  a  payment  product  that  was  both  accepted 
as  cash  yet  safeguarded  against  loss.   Since  its  inception,  the 
American  Express  Travelers  Cheque  has  been  one  of  the  world's  most 
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popular  payment  products.   First  year  sales  in  1891  were  $9,120  and 
have  since  risen  to  $25.4  billion  in  1995. 

II.  Stored  Value 

While  I'm  sure  the  American  Express  Travelers  Cheque  is  familiar  to  all  of 
you  —  especially  from  those  first  college  trips  to  Europe  —  you  may  not 
immediately  attach  the  term  "stored  value  product'  to  it.   Notwithstanding  its 
time-tested  design,  it  is  fundamentally  a  prepayment  product,  albeit  one  that  is 
105  years  old. 

Generally  one  can  divide  payment  products  into  three  categories:  Pay 
Before  (including  stored  value  products  as  travelers  checks,  money  orders, 
prepaid  telephone  cards,  and  even  cash);  Pay  Now  (such  as  personal  checks, 
ATM  cards,  debit  cards);  and  Pay  Later  (such  as  credit  cards  and  charge  cards). 
Interestingly  enough,  the  type  of  payment  method  primarily  employed  by 
consumers  and  businesses  reflect  cultural  and  national  norms.   For  example, 
in  the  U.S.  and  many  English-speaking  countries,  credit  is  often  used  to  a 
significant  extent.   In  many  other  countries,  such  as  Japan  and  Germany,  Pay 
Before  (stored  value)  and  Pay  Now  methods  are  preferred. 

III.  The  Travelers  Cheque 

Emerging  new  technologies  (e.g.,  chip  cards,  smart  cards,  and  radio 
frequency  I.D.'s)  are  being  used  to  fulfill  the  same  function  as  the  paper 
Travelers  Cheque:   a  consumer's  prepayment  of  funds  to  the  product  issuer  in 
return  for  a  card,  note  or  other  convenient  and  secure  "promise  to  pay"  or 
"promise  to  provide  services"  at  a  later  date.  Other  existing  examples  of  stored 
value  products  are  gift  certificates,  subway  tokens,  and  postage  stamps. 
Except  in  physical  form,  the  Travelers  Cheque  shares  virtually  all  attributes 
with  the  current  generation  of  stored  value  instruments.   Here  is  how  Travelers 
Cheques  work  today: 
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1.  The  Travelers  Cheque  is  printed  using  state  of  the  art  printing 
techniques  to  avoid  the  risk  of  counterfeiting. 

2.  Each  Cheque  is  individually  numbered  for  tracking  purposes. 

3.  The  Cheques  are  held  in  American  Express'  secured  vaults  until  they 
are  distributed  as  inventory  to  American  Express'  sellers,  including 
financial  institutions,  the  American  Automobile  Association,  and 
travel  agencies  (bureaux  de  change). 

4.  The  individual  who  purchases  a  Travelers  Cheque  is  required  to  sign 
the  Travelers  Cheque  in  the  upper  left  hand  comer  at  the  time  of 
purchase.  Then,  should  the  signed  cheque  be  lost  or  stolen  before  it 
is  used,  the  purchaser  can  receive  a  full  refund  for  the  Cheque. 

5.  Each  time  a  Travelers  Cheque  is  sold,  the  seller  must  record  the  sale 
and  notify  (via  various  means)  the  American  Express  global  service 
center  in  Salt  Lake  City,  Utah.  At  the  same  time,  proceeds  from  the 
sale  are  also  forwarded  to  American  Express.  To  comply  with  state 
licensing  laws,  pending  encashment,  all  proceeds  are  held  in  reserve 
in  permissible  investments  and  cannot  be  used  for  other  purposes. 

6.  Between  the  time  the  Travelers  Cheque  is  sold  to  a  consumer  and  the 
time  it  is  encashed,  American  Express  has  very  little  information 
about  who  has  the  Travelers  Cheque  or  where  it  is  located. 

7.  Usually,  American  Express'  next  contact  with  the  Cheque  is  when  it  is 
encashed.  At  the  point  of  encashment,  the  acceptor  is  required  to 
"watch  and  compare"  while  the  purchaser  countersigns  the  Travelers 
Cheque  in  the  acceptor's  presence.   If  this  procedure  is  followed  and 
the  signatures  are  a  reasonable  match,  American  Express  agrees  to 
provide  payment  to  the  acceptor.   "Watch  and  compare"  is  the  non- 
electronic equivalent  of  an  electronic  "authorization". 

8.  An  acceptor  of  a  Travelers  Cheque  deposits  it  in  his  or  her  bank 
account  and  the  Cheque  is  then  forward  by  the  bank  through  the 
banking  system  for  payment  by  American  Express.   At  American 
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Express'  service  center,  reconciliation  between  cheque  numbers 
shown  as  sold  and  cheque  numbers  shown  as  encashed  occurs.   Any 
imbalances  (for  example,  if  a  cheque  comes  in  encashed  which  is  not 
shown  on  our  system  as  being  sold)  are  investigated  directly  with  the 
selling  institution. 
9.  Fortunately,  the  overwhelming  majority  of  Travelers  Cheques  are 
encashed  by  the  purchaser  rather  than  reported  lost  or  stolen. 
However,  when  a  cheque  is  lost  or  stolen,  the  claim  is  handled  by  our 
claims  review  unit.  Approximately  seventy-five  percent  of  claims  are 
approved  on  the  first  call.   Most  of  the  remaining  twenty-five  percent 
are  approved  within  24  hours.   Refunds  are  delayed  or  declined  when 
there  is  a  breach  of  the  terms  and  conditions  or  when  there  is 
evidence  of  potential  fraud. 

IV.       Regulation  of  Travelers  Check  Issuers 

One  of  the  common  misunderstandings  about  the  travelers  check 
business  is  the  belief,  held  by  some,  that  the  issuance  of  travelers  checks  by 
non-banks  are  essentially  unregulated.  That  is  not  true.  The  issuance  of 
travelers  checks,  money  orders,  and  other  similar  payment  instruments  by 
non-banks  are  subject  to  regulation  on  a  state-by-state  basis.  American 
Express  has  licenses  in  43  states  to  issue  travelers  checks.  These  licenses 
require  us,  among  other  things,  to  hold  100%  of  the  funds  we  collect  from  the 
public  in  reserves  invested  in  accordance  with  "permissible  investment" 
statutes.  This  is  a  higher  standard  than  is  required  of  banks  for  their 
customers'  deposits.   In  addition,  many  states  require  bonds  to  be  filed,  annual 
and  quarterly  reports,  and  annual  audits.   For  your  information,  I  have 
attached  a  copy  of  one  such  statute,  from  the  State  of  New  York. 

American  Express  is  a  member  of  the  Ad  Hoc  Industry  Group  of  Money 
Transmitters,  a  group  that  includes  other  travelers  check  and  money  order 
issuer*  such  as  Thomas  Cook,  Citicorp  Services,  and  Western  Union.  This 
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Group  has  studied  the  regulation  of  our  industry  and  has  issued  a  Model  Act 
Regulating  Money  Transmitters  (which  has  been  adopted  by  a  few  states),  as 
well  as  two  "white  papers"  explaining  how  this  unique  industry  works  and 
serves  the  public.   I  have  also  attached  these  documents  to  our  testimony. 

V.        American  Express  Stored  Value  Products 

When  American  Express  recognized  the  emerging  market  for  stored  value 
products,  the  decision  was  made  that  these  products  should  be  developed  and 
issued  by  its  Travelers  Cheque  Group,  because  the  Travelers  Cheque  IS,  as  I 
mentioned  previously,  a  stored  value  product.   Moreover,  the  American 
Express'  Travelers  Cheque  Group  has  all  of  the  core  competencies  and 
experience  needed  to  run  a  stored  value  business.  That  group  has  now  been 
renamed  the  American  Express  Stored  Value  Group  and,  true  to  its  promise, 
has  made  excellent  progress  in  building  a  diversified  portfolio  of  stored  value 
products.   Here  are  a  few: 

1 .  The  PhoneFunds^i^  Card.  This  is  a  prepaid  telephone  card  issued  by  our 
wholly-owned  subsidiary,  American  Express  Telecom,  Inc.   Unlike  almost 
all  other  prepaid  telephone  cards  on  the  market,  this  card  is  refundable  if 
it  is  lost  or  stolen.   It  can  be  used  from  anywhere  in  the  United  States  to 
locations  around  the  world. 

2.  The  CampusFunds^'^  Card.   In  1995,  American  Express  acquired  Special 
Teams,  Inc.,  a  small,  entrepreneurial  company  specializing  in  stored 
value  systems  for  universities.  This  company,  now  known  as  American 
Express  Special  Teams,  Inc.,  has  systems  in  place  at  over  200  university, 
hospital,  and  business  campuses.  The  beauty  of  the  American  Express 
Special  Teams  system  is  that  it  is  modular,  scaleable,  and  easy  to 
customize  for  large  or  small  applications.   In  addition,  because  it  is  an 
on-line  system,  it  provides  extraordinary  customer  utility  and  security  by 
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requiring  immediate  authorization  and  maintenance  of  a  record  of 
transaction.   I'm  delighted  that  Don  Endres,  President  of  American 
Express  Special  Teams,  is  here  today  to  demonstrate  how  the  system 
works.  As  you  will  see,  with  this  system,  a  prepaid  CampusFunds^w 
Card  can  be  used  to  purchase  everything  from  books  and  meals  to  soda 
and  candy  in  vending  machines.  You  can  even  use  this  card  for 
laundromat  and  photocopier  services. 

3.  The  SkiFunds^*^  Card.  American  Express  tested  its  first  resort  stored 
value  card  this  winter  in  Aspen,  Colorado.  The  SkiFunds^w  Card, 
accepted  at  68  different  merchants  at  or  near  the  Aspen  ski  resort  — 
ranging  from  restaurants  to  equipment  rental  shops  to  the  ski  lifts 
themselves  —  allowed  a  skier  to  buy  valuable  package  deals  and  to  spend 
a  day  on  the  slopes  without  having  to  carry  coins  and  bills.   Moreover, 
the  prepaid  cards  were  found  to  be  very  convenient  for  skiing  families. 

4.  The  IncentiveFunds^*^  Card.  The  PhoneFunds^^^  CampusFunds^w^  and 
SkiFunds^"^  Cards  are  what  we  consider  to  be  "closed"  systems  because 
their  use  is  limited  to  a  geographical  area  or  to  a  specific  function  (such 
as  a  telephone).  We  are  now  testing  our  first  "open"  systems  card,  the 
IncentiveFunds^'^  Card,  which  can  be  used  anywhere  an  American 
Express  Card  is  accepted.  We  call  these  "IncentiveFunds^"^"  cards 
because  they  are  used  by  corporations  and  companies  to  pay  sales 
incentives  or  customer  awards.   We  are  testing  the  card  now  with  a 
group  of  furniture  manufacturers  who  have  distributed  the  card  to  887 
sales  representatives  (as  of  6/  10/96).  At  the  beginning  of  the  test,  the 
sales  representatives  were  each  given  an  IncentiveFunds^"^  Card  that  was 
empty,  that  is,  without  any  funds  loaded  on  to  it.   As  the  sales 
representatives  met  their  sales  targets,  the  sponsoring  companies  loaded 
funds  on  the  card  which  then  could  be  used  anywhere  an  American 


226 


Express  Card  is  accepted.  Although  there  are  many  ways  a  cardholder 
can  learn  what  the  balance  on  the  card  is  at  any  time,  including  by 
calling  an  800  number,  American  Express  also  sends  monthly  activity 
reports  detailing  the  card  utilization  at  the  sponsoring  companies' 
request. 

I  have  samples  of  some  of  these  products  for  your  review. 

VI.       Regulation  E 

I  have  been  asked  to  share  American  Express'  views  on  the  Federal 
Reserve  Board's  proposed  regulation  of  stored  value  products  under  Reg  E. 
Although  we  are  still  studying  the  issue  and  plan  to  file  a  formal  submission  to 
the  Federal  Reserve  prior  to  the  expiration  of  its  August  1  filing  deadline,  we  do 
have  some  preliminary  views.  While  we  do  believe  that  these  products  should 
be  regulated  appropriately,  we  feel  strongly  that  the  proposed  regulations  need 
substantial  modifications  if  they  are  to  be  responsive  to  new  technological 
advancements.  The  focus  of  our  concern  is  as  follows: 

•    The  proposed  rule  regulates  stored  value  products  based  on  the 

technology  utilized  —  whether  on-  or  off-line  systems  --  and  not  on  the 
nature  of  the  underlying  transaction.  The  Federal  Reserve's  proposal 
to  distinguish  between  on-line  and  off-line  technology  is  not  rationally 
related  to  protecting  consumers'  interests.   Identical  commercial 
activities  will  result  in  diflerent  regulatory  requirements.  Thus,  this 
rule  will  create  both  a  lack  of  uniformity  and  a  regulatory  distortion 
among  such  products,  resulting  in  skewing  the  development  of  this 
still  emerging  industry  towards  one  particular  technology.   Ironically, 
it  will  be  a  shift  towards  a  technology  that  we  believe  may  not  be  as 
beneficial  for  the  consumer. 
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•  In  fact,  the  products  which  are  the  most  heavily  regulated  under  the 
proposed  regulations,  on-line  products,  are  the  products  that  based 
on  their  technology  inherently  provide  the  most  protection  to 
consumers.   On-line  stored  value  is  what  we  will  be  demonstrating 
here  today.   It  is  the  most  secure  and  affords  the  consumer  the 
greatest  protection  because  every  transaction  is  authorized  and 
recorded.  That  means  that  stolen  cards  can  be  "turned  off  and  that 
users  can  track  all  of  their  spending.  In  contrast,  the  off-line  cards 
have  gaps  in  their  capabilities  and  lost  or  stolen  cards  often  cannot  be 
refunded  or  replaced. 

•  Moreover,  emerging  technologies  make  it  possible  to  blend  both  on- 
line and  off-line  capabilities  on  the  same  card.  In  such  cases, 
different  levels  of  regulations  for  different  kinds  of  technology  will  be 
confusing  to  consumers,  difficult  for  regulators  to  apply,  and  nearly 
impossible  for  the  judiciary  to  interpret. 

•  Finally,  there  are  some  specific  requirements  that  simply  make  no 
sense.   For  example,  the  proposed  rules  require  that  receipts  be 
issued  for  all  on-line  transactions,  but  not  off-line  transactions  even 
though  they  involve  an  identical  activity.  The  regulation  would 
require  that  the  soda  machine  we  will  be  demonstrating  to  you  would 
have  to  be  refitted  with  a  module  that  supplies  printed  receipts  for 
each  separate  purchase  merely  because  it  uses  an  on-line  system.  In 
other  words,  each  can  of  soda  would  require  a  separate  paper  receipt. 
The  same  would  go  for  laundry,  photocopy,  etc. 

In  contrast,  neither  the  use  of  an  off-line  pajmient  product,  such  as  a 
chip  card  nor  cash,  triggers  a  receipt  requirement  even  though  used 
to  purchase  an  identical  can  of  soda  or  other  service.   Right  now,  our 
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on-line  system  is  in  use  at  hundreds  of  campuses,  a  list  of  which  are 
attached.   If  the  proposed  rule  goes  forward  in  its  current  form,  those 
institutions  utilizing  the  vending  functions  will  be  forced  to  make 
expensive  and  unnecessary  systems  changes  in  all  of  their  vending 
machines,  or  they  will  otherwise  have  to  eliminate  the  use  of  this 
payment  product  at  vending  machines,  and  go  back  to  the  more  costly 
and  burdensome  procedures  connected  with  cash/coins. 
Unfortunately,  such  a  result  would  mean  less  protection  for  the 
student  or  consumer  instead  of  more. 

Notwithstanding  the  above  technical  comments,  the  real  threshold 
question  that  needs  further  review  is  whether  stored  value  products  should 
even  be  regulated  under  Reg  E.   Historically,  the  prepayment  for  products 
and  services  has  not  triggered  the  application  of  Reg  E,  which  has 
traditionally  required  an  account  relationship.  The  mere  shift  in  medium  — 
from  paper  to  electrorjics  —  does  not  change  the  underlying  legal  character 
of  the  transaction  and  does  not  establish  an  account  relationship.  As  you 
know,  we  consider  these  products  to  be  very  similar  to  Travelers  Cheques 
and  other  well-known  stored  value  products.   No  one  has  ever  suggested 
that  a  Travelers  Cheque,  a  gift  certificate,  or  a  subway  token  constitute  an 
"account"  or  a  "deposit"  subject  to  Reg  E.  There  is  no  reason  to  treat  the 
electronic  versions  of  these  products  any  differently.   Given  that  this 
industry  is  in  its  infancy,  we  would  urge  great  care  and  circumspection  by 
the  Federal  Reserve  Board  and  by  Congress  before  any  significant  regulation 
is  attached  to  these  products.  Any  inappropriate  regulatory  intervention 
will  only  deter  beneficial  technological  advancements  and  add  unnecessary 
costs  for  the  user,  with  no  discernible  improvement  in  consumer  protection. 
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VII.   Summary 

American  Express  is  delighted  to  have  had  this  opportunity  to  brief  this 
Subcommittee  on  the  exciting  new  financial  products  we  have  under 
development.  The  growth  opportunities  for  stored  value  products,  both 
domestically  and  internationally,  are  highly  promising.  With  appropriate 
regulation,  we  believe  that  these  innovative  products  can  thrive  and 
consumer  protection  can  be  ensured.  We  are  committed  to  this  goal.   If  we 
can  be  of  further  assistance,  please  do  not  hesitate  to  contact  us. 
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THE  SETTLEMENT  PROCESS  CHART 


SALES 


S«ilin9  Outlet  sends 

Sales  Documents 

(PAFs.  OS^s.  Financial  Instrument) 


TCOC 


Input  Prep 


Document  Reader 
(OCBS) 


Key  Entry 


Sales  Balancing 


soss 


Retention  Center 


PAIDS 


Clearing  Banks  send 
Encashed  Travelers  Cheques 


TCOC 


Input  Prep 


Document  Reader 
(CPCS) 


Paids  Balancing 


Paids  Proof 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institurion 


State 

Institution 

City 

ALABAMA 

Talladega  College 

Talladega 

ARKANSAS 

Arkansas  Tech  University 

Russellville 

University  of  Arkansas  at  Little  Rock 

Little  Rock 

University  of  Arkansas  for  Medical  Sciences 

Little  Rock 

Ouachita  Baptist  University 

Arkadelphia 

ARIZONA 

Eastern  Arizona  College 

Thatcher 

Embry-Riddle  Aeronautical  University 

Prescott 

judson  School 

Scott  sdale 

CALIFORNIA 

Alta  Bates  Medical  Center 

Berkeley 

Bethany  College  in  California 

Santa  Cruz 

University  of  California  -  Davis 

Davis 

California  Institute  of  the  Arts 

Valencia 

I  'niversity  of  California  -  Riverside 

Riverside 

California  State  I  Iniversity  -  Stanislaus 

Turlock 

Claremont  McKenna  College 

Claremont 

Harvey  Mudd  College 

Claremont 

Pitzer  College 

Claremont 

Tomona  College 

Claremont 

Scripps  College 

Claremont 

Herrick  Hospital  and  Health  Center 

Berkeley 

Hewlett  Packard  Corporation  -  Mayfield 

Mountain  View 

Hewlett  Packard  Corporation  -  Middlefield 

Mountain  View 

Marymount  College 

Rancho  Palos 
Verde s 

Seton  Medical  Center 

Daly  City 

Walt  Disney  Studios 

Burbank 

Woodbury  University 

Burbank 

CONNECnCLTT 

University  of  Bridgeport 

Bridgeport 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


State 

institution 

City 

Eastern  Connecticut  State  University 

Willimantic 

Mitchell  College 

New  London 

University  of  New  Haven 

West  Haven 

DISTRICT  or 
COLUMBIA 

The  American  University 

Washington 

Rnollwood  Retirement  Community 

Washington 

Marriott  Corporate  Headquarters 

Washington 

Trinity  College 

Washington 

FLORIDA 

Eckerd  College 

St.  Petersburg 

Florida  State  University 

Tallahassee 

L'niversity  of  Florida 

Gainesville 

Jacksonville  LIniversity 

Jacksonville 

Palm  Beach  Atlantic  College 

West  Palm  Beach 

Southgate  Campus  Center  of  Florida  State  l?niversity 

Tallahassee 

Tallahassee  Memorial  Regional  Medical  Center 

Tallahassee 

GEORGIA 

Morehouse  College 

Atlanta 

IOWA 

Buena  Vista  University 

Storm  Lake 

Clarke  College 

Fhibuque 

Cornell  College 

Mf.  Vernon 

Drake  University 

De.sMoines 

Iowa  Wesleyan  College 

Mt.  Pleasant 

Luther  College 

Decorah 

Morningside  College 

Sioux  City 

Northwestern  College 

Orange  City 

St.  Ambrose  University 

Davenport 

St.  Luke's  Hospital 

Cedar  Rapids               , 

Simpson  College 

Indianola 

Waldorf  College 

Forest  City 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


State 

Institution 

City 

IDAHO 

Hewlett  Packard  Corpwration  -  Boise 

Boise 

Lewis-Clark  State  College 

Lewiston 

ILLINOIS 

Andersen  Consulting 

Chicago 

Central  DuPage  Hospital 

Winfield 

Concordia  University 

River  Forest 

Evanston  Hospital 

Evanston 

First  National  Bank  of  Chicago 

Chicago 

Greenville  College 

Greenville 

Knox  College 

Galesburg 

McKendree  College 

Lebanon 

North  Central  College 

Naperville 

INDIANA 

I  'niversity  of  Evansville 

Evansville 

Hanover  College 

Hanover 

KANSAS 

Benedictine  College 

Atchison 

Bethany  College 

Lindsborg 

Cowley  County  Community  College 

Arkansas  City 

Fort  Hays  State  University 

Hays 

Highland  Community  College 

Highland 

Pittsburg  State  University 

Pittsburg 

Southwestern  College 

Winfield 

KENTUCKY 

Asbury  Theological  Seminary 

Wilmore 

Kentucky  Wesleyan  College 

Owensboro 

Thomas  More  College 

Crestview  Hills 

Transylvania  University 

Lexington 

LOUISIANA 

Centenary  College  of  Louisiana 

Shreveport 

Louisiana  State  University  Medical  Center 

New  Orleans 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


State 

Institution 

City                1 

MASSACHUSETTS 

American  International  College 

Springfield 

Berklee  College  of  Music 

Boston 

E.F.  International  Language  School 

Brighton 

Lasell  College 

Newton 

University  of  Massachusetts,  Dartmouth 

North  Dartmouth 

Stonehill  College 

North  East  on 

Wheaton  College 

Norton 

MARYLAND 

Bowie  State  L'niversity 

Bowie 

Frostburg  State  University    (Convenience  Store) 

Frostburg 

The  Johns  Hopkins  University 

Baltimore 

Mount  Saint  Mary's  College 

Emmitsburg 

Sinai  Hospital  of  Baltimore 

Baltimore 

MAINE 

Husson  College 

Bangor 

MICHIGAN 

University  of  Detroit  Mercy 

Detroit 

Hillsdale  College 

Hillsdale 

Olivet  College 

Olivet 

MINNESOTA 

Abbott  Northwestern  &  Children's  Hospital 

Minneapolis 

Mercy  Hospital 

Coon  Rapids 

I  'nited  &  Children's  Hospital 

St.  Faul 

Unity  Hospital 

Fridley 

Augsburg  College 

Minneapolis 

Bethany  Lutheran  College 

Mankato 

Bethel  College 

Minneapolis 

Concordia  College 

Moorhead 

Concordia  College 

St.  Faul 

General  Mills,  Inc. 

Minneapolis 

North  Central  Bible  College 

Minneapolis 

Saint  Mary's  College 

Winona 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


SUte 

Institution 

City 

Saint  Teresa  Campus  Schools 

Winona 

MISSOURI 

Drury  College 

Springfield 

Lincoln  University 

Jefferson  City 

Maryville  University  of  Saint  Louis 

Saint  Louis 

College  of  the  Ozarks 

Point  Lookout 

Saint  Louis  LIniversity 

Saint  Louis 

Southwest  Baptist  University, 

Bolivar 

MONTANA 

Montana  Tech 

Butte 

Rocky  Mountain  College 

Billings 

NORTH  DAKOTA 

Baptist  Home,  Inc. 

Bismarck 

Dickinson  State  University 

Dickinson 

Jamestown  College 

Jamestown 

Mayville  State  I'niversity 

Mayville 

NEBRASKA 

Doane  College 

Crete 

Nebraska  Wesleyan  University 

Lincoln 

Nebraska-Lincoln,  University  of 

Lincoln 

College  of  Saint  Mary 

Omaha 

NEW  HAMPSHIRE 

Franklin  Tierce  College 

Rindge 

NEW  JERSEY 

Dwight-Englewood  School 

Englewood 

Princeton  Day  School 

Princeton 

Ramapo  College  of  New  Jersey 

Mahwah 

NEW  MEXICO 

College  of  Santa  Fe 

Santa  Fe 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


State 

Institution 

City 

NEVADA 

Household  Bank 

Las  Vegas 

University  of  Nevada  -  Reno 

Reno 

Sierra  Health  Services,  Inc. 

Las  Vegas 

Truckee  Meadows  Community  College 

Reno 

NEW  YORK 

Alfred  University 
The  ALLINA  Hospitals 

Alfred 

American  Express  Company,  Towers 

New  York 

Fordham  University 

Bronx 

Maris!  College 

Poughkeepsie 

Nazareth  College 

Rochester 

College  of  New  Rochelle 

New  Rochelle 

Paul  Smith's  College 

Paul  Smiths 

SI  'NY  Binghamton  University 

Binghamton 

SL'NY  College  of  Geneseo 

Geneseo 

SUNY  College  at  Old  Westbury 

Old  Westbury 

SI  TNY  Institute  of  Technology 

irtica 

Wagne'r  College 

Staten  Island 

Wells  College 

Aurora 

OHIO 

Antioch  College 

Yellow  Springs 

Capital  University 

Columbus 

Cleveland  Clinic  Foundation 

Cleveland 

Franciscan  University  of  Stuebenville 

Steubenville 

J.  Leonard  Camera  Rehabilitation  Center 

Columbus 

Malone  College 

Canton 

Marietta  College 

Marietta 

OREGON 

Eastern  Oregon  State  College 

LaGrande 

Hewlett  Packard  Corporation  -  Corvallis 

Corvallis 

Hewlett  Packard  Corporation  -  Cupertino 

Cupertino 

Oregon  State  I  'niversify 

Corvallis 

Tokyo  International  University  of  America 

Salem 

Willamette  L'niversity 

Salem 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


State 

Institution 

City 

PENNSYLVANIA 

Alvernia  College 

Reading 

Cabrini  College 

Radnor 

Cheyney  University  of  Pennsylvania 

Cheyney 

The  Children's  Hospital  of  Philadelphia 

Philadelphia 

Drexel  LIniversity 

Philadelphia 

Eastern  College 

St.  Davids 

Franklin  and  Marshall  College 

Lancaster 

Grove  City  College 

Grove  City 

Juniata  College 

Huntingdon 

Muhlenberg  College 

Allentown 

University  of  Pittsburgh 

Greensburg 

University  of  Pittsburgh 

Pittsburgh 

SOUTH  DAKOTA 

Augustana  College 

Sioux  Falls 

Black  Hills  State  University 

Spearfish 

Dakota  State  University 

Madison 

McKennan  Hospital 

Sioux  Falls 

Northern  State  University 

Aberdeen 

L'niversity  of  Sioux  Falls 

Sioux  Falls 

South  Dakota  State  University 

Brookings 

TENNESSEE 

Belmont  University 

Nashville 

TEXAS 

Ambassador  College 

Big  Sandy 

Concordia  Lutheran  College 

Austin 

Howard  Payne  University 

Brownwood 

Texas  Lutheran  College 

Seguin 

Texas  Southern  University 

Houston 

University  Towers 

Austin 

UTAH 

American  Express,  Inc. 

West  Valley 
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American  Express  Special  Teams,  Inc. 
Current  Partners  by  Institution 


State 

Institution 

City 

American  Express  Travelers  Cheque  Group 

Salt  Lake  City 

American  Express  SkiFunds 

Salt  Lake  City 

Franklin  Quest 

Salt  Lake  City 

Snow  College 

Ephraim 

Weber  State  University 

Ogden 

VIRGINIA 

George  Mason  University 

Fairfax 

Mary  Washington  College 

Fredericksburg 

Mary  Washington  Hospital 

Fredericksburg 

VERMONT 

Green  Mountain  College 

Poultney 

Norw^ich  University 

Northfield 

Saint  Michael's  College 

Colchester 

WASHINGTON 

Gonzaga  University 

Spokane 

University  of  Fuget  Sound 

Tacoma 

Saint  Martin's  College 

Lacey 

Whitw^orth  College 

Spokane 

WISCONSIN 

Carthage  College 

Kenosha 

Lakeland  College 

Plymouth 

Marian  College  of  Fond  du  Lac 

Fond  du  Lac 

I  'niversity  of  Wisconsin  -  Parkside 

Kenosha 

University  of  Wisconsin  -  Flatteville 

PlaHeville 

University  of  Wisconsin  -  Superior 

Superior 

WEST  VIRGINIA 

Ruby  Memorial  Hospital  of  WVl!  Hospitals,  Inc. 

Morgantown 

WYOMING 

Sheridan  College 

Sheridan 
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CHAPTER  III  r'ERINTENDENT'S  REGULATIONS  §   406.2 

PART  406 

MONEV  TRANSMITTERS 

(Slaluiory  authority:  Banking  Law,  §§  649.  659) 

Sec.  Sec. 

406.1  Introduction  406.9  Books  and  records 

406.2  Definitions  406.10  ReporU 

406.3  Conduct  of  business  406.11  Changes  In  control:  reports;  application 

406.4  Agents  and  subagents  of  money  transmit-  406.12  Additional  reporting 

ters  406.13  Provision  for  corporate  surety  bonds 

406. 5  Agency  contracts  406.14  Deposit  of  securities 

406.6  Advertising  and  solicitation  406. IS  Payments  by  uninsured  transmitters  of 

406.7  Examinations  money  to  fund 

406.8  Revocation:  possession  406.16  Communications 

Historical  Note 
Part  (§§  406.1-406.161  repealed,  new  filed:  May  30.  1989  as  emergency  measure,  ex- 
pired 90  days  after  filing:  Nov.  14.  1989  eff.  Dec.  S.  1989. 


Section  406.1  introduction.  This  Part  contains  regulations  relating  to  the  trans- 
mission of  money  by  licensees  and  their  agents  under  article  XIII-B  of  the  Banking  Law. 
For  purposes  of  this  Part,  the  business  of  transmission  of  money  will  be  divided  into 
three  categories:  the  issuance  and  sale  of  travelers  checks  to  the  public,  the  sale  and 
issuance  of  money  orders  to  the  public,  and  the  transmission  of  money  on  behalf  of  the 
public  by  any  and  all  other  means  or  manner  including  but  not  limited  to  trsmsmissions 
within  this  country  or  to  locations  abroad  by  wire,  check,  draft,  facsimile  or  courier. 
Although  a  number  of  the  subdivisions  of  this  Part  apply  to  all  licensees  and  their  agents 
and  subagents.  other  subdivisions  apply  exclusively  to  those  transmission  activities  that 
fall  within  the  scope  of  the  third  category  of  transmission.  As  provided  in  Banking  Law. 
section  641.  the  provisions  contained  in  this  Part  shall  not  apply  to  an  agent  of  a  payee 
as  defined  in  section  40€.2(ai  of  this  Part.  Only  agents  of  a  payee  which  do  not  engage 
in  any  money  transmission  activities  other  than  as  an  agent  of  a  payee  are  exempt  from 
the  provisions  of  this  Part. 

Historical  Note 
Sec.  amds.  filed:  Feb.  4.  1977  as  emergency  measure:  April  28.  1977  as  emergency 
measure;  June  28.  1977.  repealed,  new  filed  May  30.  1989  as  emergency  measure,  ex- 
pired 90  days  after  filing:  Nov.  14.  1989  eff  Dec   5.  1969 

406.2     Definitions.    For  purposes  of  this  Part : 

(a)  The  term  money  transmission  shall  include  all  instruments  sold  or  issued  in- 
cluding travelers  checks,  money  orders,  checks,  drafts,  orders,  wire  or  electronic  trans- 
fers, facsimile  transfers  and  shipments  by  courier  for  the  transmission  or  payment  of 

money. 

c.  nc'.;'-'  .'■    '-  . '-  '/o'-i  '  -/mcjow  or  enX.':...::z  :' : ' :  :  ■"  ■■■ 

(b )  The  term  travelers  check  means  an  instrument  for  the  paynne'nt  of  money  which: 

( 1 )  is  designated  on  its  face  by  the  term  travelers  check  or  by  any  similar  term 
or  spelling  or  is  commonly  known  and  marketed  as  a  travelers  check,  and  not  by  the 
term  money  order  or  by  any  substantially  similar  term:  and 

(2)  (i)     if  issued  in  United  States  currency.  Is  in  the  sum  of  SlO  or  a  multiple  thereof, 
if  less  than  SiOO.  or  in  the  sum  of  $100  or  a  whole  multiple  thereof:  or 

(ii)    if  issued  in  any  foreign  currency,  is  in  an  even  denomination  of  such  cur- 
rency: and 
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(3)  contains  a  provision  for  a  specimen  signature  of  the  purchaser  to  be  completed 
at  the  time  of  purchase:  and 

(4)  contains  a  provision  for  a  counter-signature  of  the  purchaser  to  be  completed 
at  the  time  of  negotiation. 

( c )  The  term  money  order  means  an  instrument  for  the  payment  of  money  ( whether 
or  not  negotiable)  which: 

(1)  is  designated  on  its  face  by  the  term  money  order  or  by  any  similar  term  or  is 
commonly  known  and  marketed  as  a  money  order,  and  not  also  by  the  term  travelers 
check,  official  check,  cashiers  check,  bank  check  or  by  any  substantially  similar  term; 
and 

(2)  is  customarily  subject  to  a  dollar  limit  stated  on  its  face  which  has  been  set  by 
the  drawer;  and 

(3)  requires  the  purchaser  to  sign  its  name,  provide  its  address  and  to  fill  in  the 
name  of  the  payee. 

(d)  The  terms  person,  licensee  and  check  shall  have  the  respective  meanings  spec- 
ified In  Banking  Law.  section  640. 

( e )  The  terms  agent  and  subagent  means  any  person  designated  or  appointed  by  the 
licensee  to  engage  in  money  transmission  at  locations  other  than  an  office  of  the  licensee 
as  provided  In  Banking  Law.  section  648.  but  does  not  Include  licensed  cashers  of  checks 
which  act  as  agents  of  licensed  money  transmitters  under  applicable  regulations. 

(f)  The  term  corporate  licensee  shall  include  any  licensee,  wherever  organized, 
which  is  a  corporation  or  association,  having  written  articles  of  incorporation  or  asso- 
ciation, but  shall  not  include  a  partnership. 

(g)  The  term  principal  officer  means  chairman  of  the  board,  president,  chairman  of 
the  executive  committee,  executive  vice-president,  comptroller,  and  any  other  persons 
who  perform  similar  functions. 

(h)  The  term  principal  stockholder  means  any  person  (or  group  of  persons  acting  in 
concert)  who  is  the  beneficial  owner  of  2S  percent  or  more  of  outstanding  voting  shares 
of  any  class. 

(1)    The  term  control  shall  have  the  meaning  specified  in  Banking  Law,  section  652- 


(j)  The  terms  fund,  holder(s),  Sew  York  instrumcnt(s),  New  York  traveler's 
check(s),  purchaser(s)  and  uninsured  money  transmitter  shall  have  the  respective 
meanings  specified  in  Banking  Law.  section  653. 

(k)  Notwithstanding  the  foregoing  definitions,  no  person  who  issues  or  delivers  a 
check,  draft  or  other  instrument  or  document  for  the  transmission  or  payment  of  money 
or  which  evidences  an  obligation  for  the  transmission  or  payment  of  money,  shall  be 
deemed  to  have  issued  or  sold  such  check,  draft,  instrument  or  document,  within  the 
meaning  of  section  6S3i6).  (9)  or  640(4)  of  the  Banking  Law  if  such  check,  draft  instru- 
ment or  document: 

( 1 )  is  sold  or  issued  in  connection  with  a  loan  or  extension  of  credit  other  than  a 
loan  or  extension  of  credit  to  purchase  a  money  order  or  New  York  traveler's  check; 
or 
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(2)  is  sold  or  issued  to  effect  a  withdrawal  or  transfer  of  funds  from  a  credit  bal- 
ance maintained  with  the  seller  or  issuer;  or 

(3)  evidences  or  relates  to  a  credit  balance:  or 

(4)  evidences  an  obligation  of  a  banking  institution  insured  by  a  Federal  insuring 
agency:  or 

(5)  evidences  an  obligation  arising  out  of  a  letter  of  credit,  borrowing  or  similar 
type  of  financing  or  arising  out  of  the  purchase  or  sale  of  securities:  or 

<6)  is  denominated  in  and  arises  out  of  a  transaction  involving  a  currency  other 
than  U.S.  dollars,  if  the  person  purchasing  such  check,  draft,  instrument  or  document 
is  engaged  in  the  business  of  purchasing  or  selling  such  currency :  or 

(7)  effects  a  transfer  of  funds  between,  among,  or  by  order  of  banking  institutions 
and  clearinghouses,  or  is  transferred  in  connection  with  the  collection  of  such  check, 
draft,  instrument  or  document. 

(1)  The  term  agent  of  a  payee  means  any  person  authorized  by  a  payee  to  receive 
funds  on  behalf  of  the  payee  and  to  deliver  such  funds  received  from  the  payor  to  the 
payee. 

Historical  Note 
Sec   repealed,  new  filed:  May  30.  1989  as  emergency  measure,  expired  90  days  after 
filing:  iNov.  14.  1989  eff.  Dec.  5.  1BS9 

406.3  Conduct  of  business,  (a)  Every  licensee  engaged  in  money  transmission, 
except  one  engaged  exclusively  in  the  sale  or  issuance  of  travelers  checks  and/or  money 
orders,  shall  post  and  at  all  times  display  In  full  public  view,  at  both  its  principal  office 
and  at  each  branch  office  in  this  State,  where  the  general  public  is  admitted  and  money 
transmission  is  carried  out.  a  sign  or  signs  in  the  English  language  and  in  any  other 
predominant  language  spoken  by  the  customers  of  the  licensee  each  of  which  sign  shall 
be  no  less  than  20  inches  wide  and  12  inches  high  with  letters  at  least  one-half  inch  in 
height  indicating  the  following: 

( 1 )  the  name  and  principal  address  of  the  licensee,  the  type  of  transmission  activity 
the  licensee  is  authorized  to  engage  in.  and  a  telephone  number  established  by  thr 
licensee  to  answer  questions  and  register  complaints:  and 

(2)  that  the  licensee  is  licensed  and  regulated  by  the  New  York  Stale  Banking; 
Department  located  at  Two  Rector  Street.  New  York.  NY  10006  and  that  unresolvt-u 
consumer  complaints  may  be  mailed  to  the  New  York  Slate  Banking  Deparimi-ni. 
Consumer  Services  Division. 

(b)  Every  licensee  engaged  in  money  transmission  in  this  State,  except  one  enitagfd 
exclusively  in  the  sale  or  issuance  of  travelers  checks  and/or  money  orders,  shall  affix 
a  notice  on  the  front  window  or  entrtihcealaocoiTitsipnncipal  office  andaAfeBC-h-toranch- 
office  in  this  State,  where  the  general  public  is  admitted  and  money  transmission  activ 
ities  are  carried  out  indicating  the  following  information: 

(1)  the  name  of  the  licensee;  and 

(2)  the  statement  that  the  licensee  is  "Licensed  as  a  Money  Transmitter  by  the 
Banking  Department  of  the  State  of  New  York".  Each  such  notice  shall  be  no  less 
than  four  inches  by  six  inches. 

(c)  No  licensee  shall  sell  or  issue  any  travelers  check,  money  order,  check,  draft,  or 
other  instrument  or  order  for  the  transmission  or  payment  of  money  in  or  from  this 
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State  unless  the  name  of  the  licensee  as  maker,  drawer,  acceptor  or  otherwise  as  obligor 
shall  clearly  appear  on  the  face  of  the  instrument. 

(d)  No  licensee  shall  engage  in  money  transmission  directly  or  through  the  use  of 
agents  in  New  York  without  having  filed  within  10  days  of  adoption  the  form  of  payment 
instrument  with  the  superintendent.  All  internationally  payable  Instruments  or  receipts 
therefore. shall  clearly  show  on  the  face  thereof  the  name  of  the  licensee  as  the  person 
liable  thereon. 

(e)  Every  licensee  which  has  appointed  or  designated  agents  in  this  State  shall  re- 
quire each  agent  under  its  written  agency  contract  to  conduct  the  authorized  money 
transmission  activities  through  the  licensee. 

(f )  A  receipt,  or  other  evidence  of  acceptance  of  funds  shall  be  given  to  every  person 
who  utilizes  a  licensee  to  transfer  funds.  The  receipt  issued  by  the  licensee  shall  contain 
the  information  required  in  subdivisions  (a)(1)  and  (c)  of  this  section  and  the  following 
additional  information: 

(1)  a  statement  of  the  liability  of  the  licensee  for  nondelivery  or  delayed  delivery: 

(2)  a  sutement  of  the  refund  policy  of  the  licensee: 

(3)  the  dollar  amount  of  transmission:  and 

(4)  the  fee  charged. 

( g )  Licensees  are  subject  to  supervision  and  regulation  by  the  New  York  State  Bank- 
ing Department  and  must  exercise  reasonable  supervision  over  agents  and  subagents 
to  insure  compliance  with  applicable  laws,  rules  and  regulations  with  regard  to  money 
transmission. 

Historical  Note 
Sec.  amd.  filed  Au     30.  1979:  repealed,  new  filed:  May  30.  1989  as  emergency  meas- 
ure, expired  90  days  after  filing:  Nov.  14.  1989  eff.  Dec.  5.  1989. 

406.4  Agents  and  subagenu  of  money  transmitters.  ( a )  Each  licensee  must  sub- 
mit to  the  superintendent  as  of  the  close  of  business  on  December  31.  1989  a  written 
description  of  the  licensee's  general  procedures  by  which  it  intends  to  enter  into  agency 
contracts  to  engage  in  money  transmission  in  this  State.  This  description  must  include 
the  licensee's  policies  and  procedures  and  other  details  regarding  the  following  matters: 

( 1 )  a  brief  summary  of  the  proposed  money  transmission  activities  to  be  engaged 
in  by  the  agents  and  subagents  and  a  description  of  how  money  is  to  be  transferred 
to  the  beneficiaries  and  an  undertaking  by  the  licensee  to  assume  responsibility  for 
consumer  losses  incurred  through  angent's  unauthorized  activities  or  as  a  result  of 
violations  of  any  laws  or  regulations :  and 

( 2 »  the  number  of  agents^TT'cfi&feagSnfs'arrd  'prBfe'cft'a'sal'es  vblu'me'  ^  travelers 
checks,  money  orders  and  all  other  transmission  instruments  sold:  and 

(3)  the  procedures  for  agent  and  subagenl  selection  including  the  method  of  as- 
certaining the  agent's  and  subagent's  credit  standing:  and 

(4 )  the  procedures  that  agents  and  subagents  shall  follow  relating  to: 

(i)     recordkeeping: 

(ii)     safeguarding  travelers  checks,  money  orders  and  all  other  instruments  or 
orders  for  the  transmission  or  payment  of  money: 
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(iii)  remittance  of  proceeds  of  sales  of  travelers  checks,  money  orders  and  all 
other  instruments  or  orders  for  transmission  or  for  payment  of  money  sold  to  the 
public  (I.e..  time  within  which  such  proceeds  are  required  to  be  remitted  to  the 
licensee,  ani  remittance  procedures); 

(iv)  reporting  procedures  to  be  followed  by  agents  and  subagents  when  reporting 
to  the  licensee  "le  sale  of  travelers  checks,  money  orders  and  all  other  instruments 
or  orders  for  i'  'ransmission  or  payment  of  money  sold  to  the  public  including  but 
not  limited  to  tli<.  time  within  which  such  sales  are  to  be  reported  to  the  licensee, 
and  procedures  for  reporting  such  sales;  and 

(5)  copies  of  any  documentation  which  the  licensee  will  require  its  agents  and 
subagents  to  furnish  the  public  in  connection  with  the  money  transmission  activities 
including  but  not  limited  to  samples  of  travelers  checks,  money  orders  and  all  other 
instruments  or  orders  for  the  transmission  or  payment  of  money  sold,  including  forms 
and  receipts;  and 

(6)  procedures  for  distributing  policies  and  procedures  pertaining  to  agents  and 
subagents  and  licensee's  program  to  assure  agent's  and  subagent's  compliance;  and 

(7)  compensation  arrangement  with  agent  and  subagent;  and 

(8)  bonding  and  insurance  of  agents  and  subagents;  and 

(9 )  the  licensee's  policy  relating  to  loans  to  and  investment  in  agents  and  subagents 
except  loans  and  investments  made  by  a  regulated  financial  institution  in  the  ordinary 
course  of  Its  business;  and 

(10)  in  the  case  of  money  transmissions  other  than  by  sale  of  money  orders  and 
travelers  checks,  the  names  and  addresses  of  correspondents  used  to  make  delivery 
of  money  to  beneficiaries:  and 

(11)  such  other  information,  and  documentation  as  the  superintendent  may  re- 
quire. 

Such  information  is  to  be  provided  within  45  days  of  December  31.  1989  and  at  such  otl  er 
times  as  the  superintendent  may  require. 

(b)  In  addition,  each  licensee  shall  submit  to  the  superintendent  as  of  the  close  of 
business  on  December  31.  1989  the  following  information: 

(1 )  a  listing  in  alphabetical  order  of  its  agents  and  subagents  in  this  State  showing 
their  full  names  and  addresses  and  licensee  assigned  identification  number(s)  if 
grouped  by  the  category  of  transmission  activity  the  licensee  has  authorized  the  agent 
and  subagent  to  conduct  on  its  behalf;  and 

(2)  a  specimen  copy  of  the  agency  contract  between  the  licensee  and  Its  agents 
and  subagents  including  all  attachments,  amendments  and  supplements.  Such  infor- 
mation's to  be  provided  within  45  days  of  December  31.  1989  and  at  such  other  times 
as  the  superintendent  may  require. 

(c)  Upon  any  change  in  any  material  aspect  of  a  licensee's  policies  and  procedures, 
including  but  not  limited  to  the  Items  enumerated  under  paragraphs  (a)(3)  through  (11) 
of  this  section,  the  licensee  shall  file  with  the  superintendent  a  written  description  of  the 
change  within  10  days  of  implementation. 

(d)  (1)     Every  agent  and  subagent.  other  than  a  bank,  which  is  engaged  in  money 
transmission,  except  one  engaged  exclusively  in  the  sale  or  issuance  of  travelers 
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checks  and/or  money  orders,  shall  post  and  at  all  times  display  in  full  public  view,  at 
both  Its  principal  office  and  at  each  branch  office  In  this  State  a  sign  or  signs  in  the 
English  language  and  in  any  other  predominant  language  spoken  by  its  customers. 
Each  sign  shall  be  no  less  than  20  inches  wide  and  12  mches  high  with  tetters  at  least 
one-half  inch  in  height  prominently  indicating  the  following: 

(i)  name,  address  and  telephone  number  of  the  principal  office  of  the  agent  and 
subagent  and  the  type  of  money  transmission  activity  which  the  agent  and  subagent 
has  t>een  authorized  to  conduct  by  the  licensee :  and 

( 11 )  name  and  address  of  the  licensee ;  and  a  telephone  number  established  by 
the  licensee  to  answer  questions  and  register  complaints :  and 

(ili)  that  the  licnsee  is  licensed  and  regulated  by  the  New  York  SUte  Banking 
Department  located  at  Two  Rector  Street.  New  York.  New  York  10006  and  that 
unresolved  consumer  complaints  may  be  mailed  to  the  New  York  Sute  Banking 
Department.  Consumer  Services  Division. 

(2)  Every  agent  or  subagents.  other  than  a  bank,  which  Is  engaged  In  money  trans- 
mission, except  one  engaged  exclusively  in  the  sale  or  issuance  of  travelers  checks 
and/or  money  orders,  shall  be  provided  by  the  licensee  with  a  notice  no  less  than  (our 
Inches  by  six  Inches  to  publicly  display  on  the  agent's  and  subgent's  front  window  or 
entrance  door  containing  the  following  Information: 

(I)  the  name  of  the  licensee;  and 

( II )  the  sutement  that  the  licensee  is  "Licensed  as  a  Money  Transmitter  by  the 
Banking  Department  of  the  State  of  New  York":  and 

(III)  its  designation  of  the  agent  to  act  in  such  capacity. 

( e )  A  receipt,  or  other  evidence  of  acceptance  of  funds  shall  be  given  to  every  person 
who  utilizes  an  agent  and  subagent  of  a  licensee  to  transfer  money.  The  receipt  Issued 
by  the  agent  and  subagent  of  the  licensee  shall  contain  the  mformation  required  in 
section  406.3(f)  of  this  Part  and  the  following  additional  Information: 

(1)  that  the  licensee  is  liable  tor  the  nondelivery  or  delayed  delivery: 

(2)  the  refund  policy  of  the  licensee ; 

(3)  the  dollar  amount  of  transmission:  and 

(4)  the  fee  charged. 

Historical  Note 

Sec.  repealed,  new  filed:  May  SO.lBSS  as  entergency  measure,  paired  Mday*  after 
(Uins:  Nov.  14.  1»8»  cff.  Dec.  S.  1»89. 

406.5  Agency  rontracU.  (a)  All  written  contracts  between  licensees  and  agenU 
and  subagents  entered  into  after  the  effective  date  of  this  Part  shall  provide  the  follow. 
Ing: 

(1).  a  descripUon  of  the  category  or  categories  of  money  transmission  acUvity  the 
licensee  is  authorized  to  lawfully  engage  in  under  Its  license  which  it  may  do  through 
an  agent  and  subagent :  and 

(2)    a  prohibition  in  the  licensee's  agenu  and  subagents  acting  on  behalf  of  the 
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consumer  as  a  courier  for  Ihe  transmission  of  money  which  activity  requires  licensing 
as  a  money  transmitter  and  a  requirement  that  all  money  orders  sold  may  not  be 
retained  by  the  agent  and  subagent  but  must  be  given  to  the  purchasers  of  the  instru- 
ments for  their  own  delivery  to  the  beneficiary;  and 

(3)  an  acknowledgment  that  the  superintendent  reserves  the  right  to  inspect,  with 
or  without  prior  notice  to  the  licensee  or  agent  and  subagent(  s ) .  the  books  and  records 
of  agent  and  subagent(s)  of  the  licensee  and  that  the  expenses  incurred  in  makuig 
any  such  inspection  shall  be  borne  by  the  licensee:  and 

(4)  that  agents  and  subagents  shall  not  sell  any  travelers  check,  money  order  or 
other  money  transmission  instrument  in  this  Slate  unless  the  name  of  the  licensee 
shall  clearly  appear  on  the  face  of  the  instrument  and  the  licensee  shall  not  condition 
its  engagement  as  obligor  under  the  payment  instrument  upon  the  remittance  of  the 
proceeds  of  salt  from  the  agent  and  subagent:  and 

(5)  that  agents  and  subagents  shall  not  sell  any  travelers  check,  money  order  or 
other  money  transmission  instrument  in  this  State,  unless  the  agent  and  subagent  has 
provided  the  superintendent  with  a  written  and  irrevocable  consent  to  examine,  have 
access  to.  and  retain  copies  of  all  of  Its  books  and  records,  wherever  maintained, 
relating  to  these  activities ;  and 

(6)  that  agerts  and  subagents  in  this  Slate  are  under  a  duty  to  act  only  as  author- 
ized under  the  agency  contract  and  that  an  agent  and  subagent  who  exceeds  its  au- 
thority is  subject  to  cancellation  of  the  agency  contract  and  may  result  in  further 
disciplinary  action  against  the  licensee  by  the  superintendent. 

(b)  For  each  contract  entered  into  prior  to  the  effective  date  of  this  Part,  a  rider 
containing  paragraphs  (a)(l)-(6)  of  this  section  shall  be  sent  by  each  licensee  to  each 
of  its  agents  and  subagents  in  New  York  within  45  days  of  the  effective  date  of  this  Part. 

Historical  Note 

Sec.  repealed,  new  died    May  30.  1989  as  emergency  measure,  expired  90  days  after 
filing:  Nov    m.  1989  eft.  Dec.  S.  1989. 

406.6  Advertising  and  solicitation,  (a)  No  licensee  or  agent  or  subagent  en- 
gaged in  money  transmission,  except  one  engaged  exclusively  in  the  sale  or  issuance  of 
travelers  checks  and/or  money  orders,  shall  advertise  its  money  transmission  services 
without  including  the  name  of  the  licensee  and  the  legend  that  such  licensee  is  "Licensed 
as  a  Money  Transmitter  by  the  Banking  Department  of  the  State  of  New  York". 

(b )  No  licensee  or  agent  and  subagent  who  sells  or  issues  travelers  checks  or  money 
orders  in  this  State  shall  advertise  Its  business  in  New  York  without  including  the  legend: 
"Licensed  as  a  Money  Transmitter  by  the  Banking  Department  of  the  State  of  New 
York".  .-'-'''-"  ",■■   ■    '   ■         '"-;    '  ""  ■:---■='':='-•-'■'-'•-•■""- 

(c)  Every  licensee  and  designated  agent  and  subagent  shall  maintain  a  complete 
file  of  its  advertisements  ( including  commercial  scripts  of  all  radio  and  television  broad- 
casts) for  examination  by  the  superintendent  for  a  period  of  at  least  two  years  from  the 
date  of  publication. 

(d)  The  legend  required  in  subdivisions  (a)  and  (b)  of  this  section  shall  apply  only 
to  advertising  in  New  York  Slate. 

Historical  Note 

Sec.  repealed,  new  filed:  May  30.  1989  as  emergency  measure,  expired  90  days  after 
filing:  Nov.  14.  1989  eff.  Dec.  5.  1989. 
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406.7  Examinations.  The  superintendent  shall  have  the  power  to  examine  any 
licensee  at  any  time  when  in  the  judgment  of  the  superintendent  such  examination  is 
necessary  or  advisable  to  determine: 

(a)  the  financial  condition  of  ihe  licensee: 

(b)  the  safety  and  soundness  of  the  conduct  of  its  business: 

(c)  the  policies  of  its  management: 

(d)  whether  the  requirements  of  law  have  been  complied  with  in  the  administration 
of  its  affairs : 

(e)  whether  the  licensee  has  policies  and  procedures  sufficient  to  control  the  activ- 
ities of  any  authorized  agents :  and 

(f)  such  other  matters,  as  the  superintendent  may  determine.  Including  but  not  lim- 
ited to  any  activities  of  the  licensee  outside  this  State  if  in  the  opinion  of  the  superin- 
tendent such  activities  may  affect  the  licensee's  money  transmission  business  In  this 
State. 

Historical  Note 
Sec.  repealed,  new  filed:  May  30.  1989  as  emergency  measure,  expired  90  days  after 
fUing:  Nov.  14.  198&  e((.  Dec.  9.  1989. 

406.8  Revocation:  possession,  (a)  Licenses  granted  under  article  XIII-B  of  the 
Banking  Law  may  be  revoked  for  the  grounds  specified  In  section  642  of  the  Banking 
Law  after  notice  and  hearing  conducted  In  accordance  with  the  State  Administrative 
Procedure  Act  and  Banking  Department  regulations. 

(b)  The  superintendent  may  take  possession  of  the  business  and  property  of  any 
licensee  as  provided  in  article  XIII-A  of  the  Banking  Law  for  the  reasons  stated  therein. 

Historical  Note 
Sec.  repealed,  new  filed:  May  30.  1989  as  emergency  measure,  expired  90  days  after 
filing:  Nov.  14.  1989  eff.  Dec.  S.  1989. 

406.9  Books  and  records,  (a)  Each  licensee  shall  make,  keep  and  preserve  its 
books  and  records  in  such  form,  in  such  manner  and  for  such  time  as  is  in  accordance 
with  generally  accepted  accounting  principles  and  in  a  condition  which  will  allow  the 
superintendent  to  determme  whether  the  licensee  and  agent  and  subagent  is  complying 
with  article  XIII-B  of  the  Banking  Law.  Preservation  by  photographic  reproduction  or 
in  photographic  form  shall  constitute  compliance  with  the  requirements  of  this  Part. 

(b)    The  books  and  records  maintained  by  each  licensee  and  agent  shall  Include: 

(1)  a  dally  record  of  Instruments  sold  by  date:  ...     .:. 

S.-r   fon-rlec.  now  u''=i:  '.:.:  y  ■  '■  ..■- •r.^r.ry  r.-.c;;EU!-c.  < 

(2)  a  ^'eneral  ledger  containing  all  asset,  liability,  capital,  income  and  expense 
accounts  which  generaHedger  shall  be  posted  at  least  monthly: 

(3)  remittance  reports  received  from  agents  and  subagents: 

(4)  bank  sutemenu  and  bank  reconciliation  records  which  shall  be  kept  for  three 
years: 

(5)  outstanding  money  transmission  instruments  by  year  of  sale  shall  be  main- 
tained for  at  least  five  years  after  the  time  which  such  Instruments  have  been  deemed. 
under  the  Abandoned  Property  Law.  to  be  abandoned  property; 
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(6)  each  money  transmission  instrument  paid  for  a  period  of  three  years  after  the 
dale  of  payment: 

(7)  a  list  of  the  names  and  addresses  of  all  the  agents  who  sell  or  issue  its  money 
transmissioM  instruments  and  copies  of  its  agency  agreements  thereunder. 

(c)  Every  licensee  shall: 

(1)  maintain  the  records  relating  to  its  money  transmission  instruments  in  New 
York:  or 

(2)  provide  the  superintendent  with  a  written  and  irrevocable  authorization  to  ex- 
amine, have  access  to.  and  retain  copies  of  all  its  books  and  records,  wherever  main- 
tained, relating  to  its  money  transmission  instruments. 

(d)  Each  licensee  or  agent  and  subagent  which  is  engaged  In  any  form  of  money 
transmission,  as  defined  in  section  406.2(a)  of  this  Part.  Including  any  engaged  exclu- 
sively in  the  sale  or  issuance  of  travelers  checks  and/or  money  orders,  shal.  comply 
with  Federal  Bank  Secrecy  Act  Regulations  as  set  forth  in  31  CFR  part  103.28. 

Historical  Note 
Sec.  repealed,  new  filed:  May  30,  1989  as  emergency  measure,  expired  90  days  after 
filing:  Nov.  n.  1989  eff.  Dec.  S,  1989 

406.10  Reports.  Each  licensee  shall  file  the  following  reports  giving  such  infor- 
mation as  may  be  required  by  the  superintendent  concerning  its  business  and  operations. 

(a)  Reports  of  locations.  A  licensee  engaging  in  money  transmission  in  this  State, 
either  directly  or  through  agents  and  subagents  shall  file  with  the  supermtendent.  in 
connection  with  its  application  for  license  or  license  renewal,  a  statement  showing  the 
number  of  such  locations  within  this  State  and  the  number  of  such  locations  elsewhere 
in  the  United  States  as  of  30  days  preceding  such  filing. 

(b)  Financial  reports.  Every  licensee  shall  file  with  the  superintendent  quarterly 
financial  statements  within  4S  days  following  the  close  of  the  licensee's  fiscal  quarter 
and  an  annual  financial  statement,  audited  by  an  independent  certified  public  accoun- 
unt.  within  120  days  following  the  close  of  the  licensee's  fiscal  year.  Such  financial 
statements  shall  include  a  balance  sheet,  a  profit  and  loss  statement,  and  a  statement 
of  retained  earnings. 

(c)  Reports  of  misconduct.  Every  licensee  shall  submit  a  report  to  the  superintend- 
ent immediately  upon  the  discovery  of  any  of  the  events  listed  in  Part  300  of  the  super- 
intendent's regulations.  Such  report  shall  be  submitted  as  set  forth  in  Part  300. 

(d)  Reports  of  business.  Every  licensee  shall  submit  a  report  to  the  superintendent 
within  45  days  following  the  close  of  each  calendar  quarter  reflecting  in  dollars  the 
monthly  sales  of  travelers  checks,  money  orders,  checks,  drafts,  wire  or  electronic 
transfers  or  other  instrumentsior  orders  for-ithe4r4nswfl««ii«£or  payment  of  money  m 
or  from  this  Slate  by  the  licensee  and  its  agents  and  subagents  and  the  aggregate 
monthly  sales  of  such  instruments  sold  elsewhere  in  the  United  Slates  by  the  licensee 
and  its  agents  and  subagents  durmg  the  previous  calendar  quarter.  Sales  of  money 
orders,  travelers  checks  and  all  other  such  instruments  sold  should  be  reported  sepa- 
rately for  each  instrument.  In  addition  at  the  end  of  every  calendar  quarter  every  li- 
censee should  report  the  amount  of  the  permissive  investments  (as  defined  In  section 
640.9  of  the  Banking  Law)  it  holds  and  the  amount  of  iU  outstanding  liabilities  reported 
separately  for  travelers  checks,  money  orders  and  all  other  such  instruments  sold. 

Historical  Note 
Sec.  repealed,  new  filed:  May  .30.  1989  as  emergency  measure,  expired  90  days  after 
filing:  Nov    14.  1989  eff.  Dec.  i.  1989 
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406.11  Changes  in  rontrol:  reports:  applications,  (at  As  required  under  Bank- 
ing Law.  section  652-a.  no  person  nrjay  acquire  direct  or  indirect  control  (as  defined  in 
said  section)  of  a  licensee  without  the  prior  approval  of  the  superintendent.  In  addition, 
an  unauthorized  acquisi  ion  of  control  may  result  in  the  voiding  of  the  license  to  engage 
in  the  business  of  money  transmission  as  provided  therein. 

(bi  Without  limiting  the  responsibilities  of  persons  seeking  to  acquire  control  of  li- 
censees to  make  application  to  the  superintendent  under  section  6S2-a  of  the  Banking 
Law  and  subdivisions  (d)  and  (e)  of  this  section,  licensees  shall  be  required  to  report  to 
the  superintendent  the  following  information  within  five  days  of  the  date  the  licensee 
becomes  aware  of  such  information: 

( 1 )  the  name  and  residence  of  each  person  (or  each  member  of  a  group  of  persons 
acting  in  concert)  who  becomes  an  owner  of  10  percent  or  more  of  the  outstanding 
shares  of  any  class  ( voting  or  nonvoting )  of  the  licensee ;  and 

(2)  the  name  and  residence  of  each  person  who  is  to  become  a  partner,  director 
or  principal  officer  of  the  licensee. 

(c)  Within  10  days  after  any  principal  officer  of  a  licensee  shall  be  appointed,  the 
licensee  shall,  with  respect  to  said  officer,  cause  to  be  filed  with  the  superintendent  the 
information  contained  in  subdivision  (e)  of  this  section. 

(d)  Prior  to  acquiring  direct  or  indirect  control  (as  defined  in  section  652-a  of  the 
Banking  Law)  of  a  licensee,  the  proposed  acquirer  shall  make  application  for  approval 
of  the  superintendent,  said  application  to  contain  the  information  described  in  subdivi- 
sion (e)  of  this  section 

(e)  (1)  Name  and  address  of  the  applicant,  if  an  individual  or.  if  a  partnership,  of 
its  partners  or.  if  a  cc  rporation  or  association,  of  the  directors,  trustees  and  principal 
officers  thereof  and  of  any  stockholder  owming  10  percent  or  more  of  the  outstanding 
shares  of  any  class  (voting  or  nonvoting)  of  the  licensee  and  a  description  of  the 
present  employment  or  occupation  and  of  all  previous  employment  or  occupation  dur- 
ing the  preceding  IS  years  (including  a  statement  as  to  whether  during  such  period 
the  applicant  has  been  discharged  from  employment,  and  if  so.  for  what  reason) :  and 

(2)  a  description  of: 

(i)    any  criminal  action  brought  against  the  applicant; 

(ii)    any  civil  action  brought  against  the  applicant  (excluding  any  civil  action  in 
■    which  the  amount  in  controversy  was  less  than  $25,000  or  which  terminated  more 
than  15  years  previously  and  excluding  any  domestic  relations  action ) : 

(111)    any  proceeding  brought  to  declare  the  applicant  bankrupt : 

(Iv)  any  such  criminal  or  civil  action  brought  against,  or  proceeding  to  declare 
bankrupt,  any  partnership,  corporation  or  association,  other  than  the  licensee,  of 
which  at  the  time  the  applicant  was  a  partner,  principal  stockholder  or  principal 
officer,  and  the  disposition  of  .<-uch  action  or  proceeding:  and 

(3)  whether  the  applicant  or  any  partnership,  corporation  or  association  of  which 
at  the  time  the  applicant  was  a  partner,  principal  stockholder,  director  or  principal 
officer  has  applied  for  a  license  In  this  State  or  any  other  sute  to  engage  in  money 
transmission,  the  disposition  of  such  application,  and  if  such  license  was  granted, 
whether  It  was  ever  suspended,  revoked  or  its  renewal  refused:  and 
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(4)  the  number  (If  any)  of  shares  of  each  class  of  stock  of  the  licensee  and  the 
amount  (if  anyi  of  obligations  (in  excess  of  SS.OOO)  of  the  licensee  of  which  the  appli- 
cant intends  t )  be  beneficial  owner  immediately  after  the  transaction  to  which  the 
report  relates:  and 

(5)  a  description  of  any  other  partnership,  corporation  or  association  (excluding 
any  corporation  or  association  organized  and  operated  exclusively  for  religious,  char- 
itable, scientific.  literary  or  educational  purposes  or  for  the  prevention  of  cruelty  to 
children  or  animals,  no  part  of  the  net  earnings  of  which  inures  to  the  benefit  of  any 
private  shareholder  or  individual )  of  which  the  applicant  is  partner,  principal  stock- 
holder, or  principal  officer;  and 

(6)  any  other  information  the  superintendent  may  require. 

(f )  Obligation  to  inform.  Every  corporate  licensee  shall  inform  in  writing  every  per- 
son (and  every  member  of  any  group  of  persons  acting  in  concert)  who  to  the  licensee's 
knowledge  is  a  principal  stockholder  of  the  licensee  of  the  reporting  requirements  under 
this  Part. 

Historical  Note 
Sec.  filed  Feb.  4.  19T7  a*  emergency  measure:  amds.  filed:  April  28.  1977  as  emer- 
gency measure:  June  28.  1977:  repealed,  new  filed:  May  30.  1989  a*  emergency  meas- 
ure, expired  90  days  afUr  filing:  Nov.  14.  1989  eff.  Dec.  5.  1989. 

406.12  Additional  reporting.  As  required  under  Banking  Law.  section  643.2  the 
licensee  shall  give  notice  to  the  superintendent  by  registered  or  certified  mail  of  any 
action  which  shall  be  brought  against  the  licensee  and  of  any  judgment  which  shall  be 
entered  against  the  licensee  by  such  purchaser  or  holder  of  a  New  York  instrument  or 
a  New  York  traveler's  check,  with  details  sufficient  to  identify  the  action  or  judgment, 
within  10  days  after  the  commencement  of  any  such  action  or  notice  to  the  licensee  of 
entry  of  any  such  judgment.  In  addition  every  licensee  shall,  immediately  after  the 
occurrence  of  the  event  becomes  known  to  the  licensee,  advise  the  superintendent  in 
writing  of: 

(a)  any  criminal  or  civil  action  (excluding  any  civil  action  in  which  the  amount  in 
controversy  is  less  than  S2S.000  and  excluding  any  domestic  relations  action)  brought 
against  the  licensee  or  any  proceeding  to  declare  the  licensee  bankrupt,  and  of  any 
judgment  or  settlement  entered  in  such  an  action  or  proceeding:  and 

(b)  any  criminal  or  civil  action  (excluding  any  civil  action  in  which  the  amount  in 
controversy  is  less  than  S2S.000  and  excluding  any  domestic  relations  action)  brought 
against,  or  any  proceeding  brought  to  declare  bankrupt,  any  person  who  is  a  partner, 
principal  stockholder,  director  or  principal  officer  of  the  licensee,  or  any  partnership, 
corporation  or  association  other  than  the  licensee  of  which  such  person  is  a  partner, 
principal  stockholder,  or  principal  officer,  and  of  any  judgment  or  settlement  entered 
in  such  an  action  or  proceeding. 

Historical  Note 
Sec.  filed:  April  28.  1977  as  emergency  measure:  June  28.  1977;  repealed,  new  filed: 
May  30.  1989  as  emergency  n-.easure.  expired  90  days  after  filing:  Nov.  14.  1989  eff. 
Dec.  5.  1989. 

406.13  Provision  (or  corporate  surety  bonds,  (a)  Every  person  licensed  to 
transmit  money  pursuant  to  Banking  Law,  section  641.  shall  file  with  the  superintendent 
one  or  more  corporate  surety  bonds,  in  form  satisfactory  to  the  superintendent  in  such 
principal  amount  as  the  superintendent  shall  have  determined.  Such  corporate  surety 
bond  shall  be  issued  by  a  bonding  company  or  insurance  company  authorized  to  do 
business  in  this  Slate. 
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(b)  One  such  bond  shall  be  in  favor  of  the  superintendent  for  the  protection  of  the 
purchasers  and  holders  of  New  York  instruments  sold  by  the  licensee.  The  principal 
amount  of  such  bond  sh  ill  be  not  less  than  SSOO.OOO  and  it  shall  contain  substantially  the 
following  language : 

"The  proceeds  of  this  bond  shall  consutute  a  trust  fund  (or  the  exclusive  benefit  of 
the  purchasers  and  holders  of  the  licensee's  New  York  instruments.  In  the  event  of  the 
insolvency  or  bankruptcy  of  the  licensee,  the  proceeds  of  the  bond  shall  be  paid  lo  the 
supennlendent  forthwith  for  dtsposiUon  in  accordance  with  the  applicable  provisions 
of  the  Banking  Law:  provided,  however,  if  any  New  York  instruments  have  been  as. 
signed  to  the  fund  the  proceeds  of  the  bond  shall  constitute  a  trust  fund  for  the  benefit 
of.  and  shall  be  pay-ible  lo.  the  fund  to  the  extent  of  such  assignment.  As  used  herein, 
the  terms  "New  York  instruments",  "fund",  "purchasers."  and  "holders"  shall  have 
the  meanings  ascribed  to  them  in  section  693  of  the  Banking  Law." 

(c)  If  the  licensee  engages  in  the  sale  of  New  York  traveler's  checks,  such  licensee 
shall  file  with  the  superintendent  a  separate  bond.  Said  bond  shall  be  in  favor  of  the 
superintendent  for  the  protection  of  the  purchasers  and  holders  of  New  York  traveler's 
checks  sold  by  the  licensee.  The  principal  amount  of  such  bond  shall  not  be  less  than 
$750,000  and  it  shall  contain  substantially  the  following  language : 

"The  proceeds  of  this  bond  shall  constitute  a  trust  fund  for  the  exclusive  benefit  of 
the  purchasers  and  holders  of  the  licensee's  New  York  traveler's  checks.  In  the  event 
of  the  insolvency  or  bankruptcy  of  the  licensee,  the  proceeds  of  the  bond  shall  t>e  paid 
to  the  superintendent  forthwith  for  disposition  in  accortlance  with  applicable  provisions 
of  the  Banking  Law.  As  used  herein,  the  terms  "New  York  Traveler's  checks",  "pur- 
chasers" and  "holders"  shall  have  the  meanings  ascribed  to  them  in  section  653  of  the 
Banking  Law." 

Historical  Note 

Sec.  filed  Dec  20.  19T7;  repealed,  new  filed:  May  30.  1989  as  emergency  measure, 
expired  90  days  after  filing:  Nov.  u.  1989  eff   Dec.  S.  1BB9. 

406.14  Deposit  of  securities.  A  licensee  who  in  lieu  of  filing  a  corporate  surety 
bond  elects  to  deposit  securities  pursuant  to  Banking  L.aw.  section  643(3).  shall  execute 
with  the  depository  bank,  trust  company  or  national  bank  a  deposit  agreement  in  form 
satisfactory  to  the  superintendent.  An  executed  copy  of  this  deposit  agreement  shall  be 
filed  with  the  superintendent. 

Hlatorical  Note 
Sec.  filed  Dec.  2t.  igT?:  repealed,  new  (lied:  May  30.  1989  as  emergency  measure, 
expired  90  days  after  filing:  Nov.  14.  1989  eff.  Dec.  9.  1989. 

406.15  Payments  by  uninsured  money  transmitters  to  fund.  Upon  receipt  of  no 
tice  of  assessment  issued  pursuant  to  section  657  of  the  Banking  Law.  each  uninsured 
money  transmitter  shall  provide  the  superintendent,  as  administrator  of  the  State  Trans- 
mitter of  Money  Fund,  within  such  reasonable  time  as  shall  have  been  specified  in  such 
notice,  a  statement  certified  by  an  executive  oUic^(>^9|winebyv^daUai;  Amounts  of  .the.; 
New  York  instruments  issued  by  the  uninsured  money  transmitter  that  were  outstanding 
at  the  end  of  each  calendar  quarter  for  the  calendar  year  preceding  that  in  which  the 
assessment  is  made,  and  the  average  of  said  amount.  (Said  average  shall  consist  of  the 
quotient  obtained  when  dividing  the  sum  of  such  amounts  by  the  number  of  calendar 
quarters  involved. )  Upon  receipt  of  such  statement,  the  superintendent  shall  notify  the 
uninsured  money  transmitter  of  the  percentage  of  said  average  constituting  the  assess- 
ment, and  the  uninsured  money  transmitter  shall  forthwith  pay  the  resulting  assessment 
to  the  superintendent.  Said  percenUge  shall  be  uniform  as  to  all  uninsured  money  trans- 
mitters. In  no  event  shall  the  total  amount  assessed  in  any  one  year  against  any  unin- 
sured money  transmitter  pursuant  to  section  6S7  of  the  Banking  Law  exceed  two  per 
centum  of  the  New  York  instruments  of  such  uninsured  money  transmitter,  which  were 

2450.6     B     11-30-88 
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outstanding  at  the  end  of  the  calendar  year  preceding  the  year  in  which  such  assess- 
ments were  made  or  $125,000.  whichever  is  less 

Historical  Note 
Sec    filed  July  IS.  19~:  repealed,  new  filed:  May  30.  1989  as  emergency  measure, 
expired  90  days  after  filing    Nov    m    19R9  eft    Dec    5.  1989 

406.16  Communications.  It  is  requested  thai  licensees  direct  their  Banking  De- 
partment correspondence,  reports,  notices,  statements  and  applications  to  the  following 
address; 

Licensed  F  nancial  Services  Division 
New  York  State  Banking  Department 
2  Rector  Street 
New  York.  NY  10006-1894 

Historical  Note 
Sec.  repealed,  new  filed:  May  30.  1989  as  emergency  measure,  expired  90  days  after 
filing:  Nov.  14.  1989  eff.  Dec.  5.  1989. 


I 


266 


MODEL  ACT  REGULATING 
MONEY  TRANSMITTERS 


Revised;  April  15, 1996 


SECTION  1  -  CITATION 

This  act  may  be  dted  as  the  "Uniform  Money  Transmitters  Act." 

SECTION  2  -  UCENSE  REQUIRED 

A.  On  or  after ,  1996,  no  person  except  those  exempt  pursuant 

to  Section  4,  shall  engage  in  the  business  of  money  transmission  without  a  license  as 
provided  hereunder. 

B.  A  licensee  may  conduct  its  business  in  this  State  at  one  or  more 
locations,  directly  or  indirectly  owned,  or  through  one  or  more  authorized  delegates, 
or  both,  pursujmt  to  the  single  license  granted  to  the  licensee. 

SECTION  3  -  DEHNITIONS 

Unless  otherwise  indicated,  the  following  definitions  shall  apply  to  the  terms 
set  forth  below  wherever  such  terms  are  used  in  this  Article: 

A.  "Money  transmission"  means  the  sale  or  issuzmce  of  payment 
ir\struments  or  engaging  in  the  business  of  receiving  money  for  transmission  or 
transmitting  money  within  the  United  States  or  to  locatior\s  abroad  by  any  and  all 
means,  including  but  not  limited  to  payment  iristrument,  wire,  facsimile  or 
electronic  traiisfer. 

B.  "Licensee"  means  a  person  licensed  under  this  Article. 

C.  "Person"  means  any  individual,  partnership,  association,  joint-stock 
association,  trust  or  corporation. 

D.  "Applicant"  means  a  person  filing  an  application  for  a  license  under 
this  Article. 
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E.  "Authorized  delegate"  means  an  entity  designated  by  the  Hcensee 
under  the  provisions  of  this  Article  to  sell  or  issue  payment  instruments  or  engage 
in  the  business  of  transmitting  money  on  behalf  of  a  licensee. 

F.  "Control"  means  ownership  of,  or  the  power  to  vote,  twenty-five 
percent  or  more  of  the  outstaitding  voting  securities  of  a  licensee  or  controlling 
person.  For  purposes  of  determining  the  percentage  of  a  licensee  controlled  by  any 
person,  there  shall  be  aggregated  with  the  person's  interest  the  interest  of  any  other 
person  controlled  by  such  person  or  by  any  spouse,  parent,  or  child  of  such  person. 

G.  "Controlling  person"  means  any  person  in  control  of  a  licer\see. 

H.        "Executive  Officer,"  means  the  licer\see's  president,  chairman  of  the 
executive  committee,  senior  officer  resporisible  for  the  licensee's  business,  chief 
financial  officer  and  any  other  person  who  performs  similar  functior\s. 

I.  "Key  shareholder"  means  any  person  (or  group  of  persons  acting  in 

concert)  who  is  the  owner  of  twenty  five  (25)  percent  or  more  of  any  voting  class  of 
an  applicant's  stock. 

J.  "Material  litigation"  means  any  litigation  that,  according  to  generally 

accepted  accounting  principles,  is  deemed  significant  to  an  applicant's  or  licensee's 
financial  health  and  would  be  required  to  be  referenced  in  that  entity's  annual 
audited  financial  statements,  report  to  shareholders  or  similar  documents. 

K.        "Payment  instrument"  means  any  check,  draft,  money  order,  travelers 
check  or  other  instrument  or  written  order  for  the  transmission  or  payment  of 
money,  sold  or  issued  to  one  or  more  persons,  whether  or  not  such  instrument  is 
negotiable.   The  term  "payment  instrument"  does  not  include  any  credit  card 
voucher,  any  letter  of  credit  or  any  instrument  which  is  redeemable  by  the  issuer  in 
goods  or  services. 

L.         "Outstanding  payment  instrument"  means  any  payment  instrument 
issued  by  the  licensee  which  has  been  sold  in  the  United  States  directly  by  the 
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licensee  or  any  payment  instrument  issued  by  the  licensee  which  has  been  sold  by 
an  authorized  delegate  of  the  licensee  in  the  United  States,  and  which  has  not  yet 
been  paid  by  or  for  the  licensee. 

M.       "Remit"  means  either  to  make  direct  payment  of  the  funds  to  the 
licensee  or  its  representatives  authorized  to  receive  those  funds,  or  to  deposit  the 
funds  in  a  bemk,  credit  union  or  savings  and  loan  association  or  other  similar 
financial  iristitution  in  an  account  specified  by  the  licensee. 

N.       "Superintendent"  means  the  State  Superintendent  of  Banks  or  other 
Senior  State  regulator  charged  with  regulation  of  banks. 

O.        "Permissible  Investments"  means: 

(1)  cash; 

(2)  certificates  of  deposit  or  other  debt  obligations  of  a 
financial  institution,  either  domestic  or  foreign; 

(3)  bills  of  exchange  or  time  drafts  drawn  on  and  accepted  by  a 
commercial  bank,  otherwise  known  as  bankers' 
acceptances,  which  are  eligible  for  purchase  by  member 
banks  of  the  Federal  Reserve  system; 

(4)  any  investment  bearing  a  rating  of  one  of  the  three 
highest  grades  as  defined  by  a  nationally  recognized 
organization  that  rates  such  securities; 

(5)  investment  securities  that  are  obligations  of  the  United 
States,  its  agencies  or  instrumentalities,  or  obligations  that 
are  guaranteed  fully  as  to  principal  and  interest  of  the 
United  States,  or  any  obligations  of  any  state,  municipality 
or  any  political  subdivision  thereof; 

(6)  shares  in  a  money  market  mutual  fund,  interest-bearing 
bills  or  notes  or  bonds,  debentures  or  stock  traded  on  any 
national  securities  exchange  or  on  a  national  over-the- 
counter  market,  or  mutual  funds  primarily  composed  of 
such  securities  or  a  fund  composed  of  one  or  more 
permissible  investments  as  set  forth  herein; 
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(7)  any  demand  borrowing  agreement  or  agreements  made  to 
a  corporation  or  a  subsidiary  of  a  corporation  whose 
capital  stock  is  listed  on  a  national  exchange; 

(8)  receivables  which  are  due  to  a  licensee  from  its  authorized 
delegates  pursuant  to  a  contract  described  in  Section  18, 
which  are  not  past  due  or  doubtful  of  collection;  or 

(9)  any  other  investments  or  security  device  approved  by  the 
Superintendent. 

SECTION  4  -  EXEMPTIONS 

A.  This  Article  shall  not  apply  to: 

(1)  The  United  States  or  any  department,  agency,  or 
instrumentality  thereof; 

(2)  The  United  States  Post  Office; 

(3)  The  State  or  any  political  subdivisions  thereof; 

(4)  Banks,  bank  holding  companies,  credit  unions,  building 
and  loan  associations,  savings  and  loan  associatioris, 
savings  banks  or  mutual  banks  organized  under  the  laws 
of  any  state  or  the  United  States,  provided  that  they  do  not 
issue  or  sell  payment  instruments  through  authorized 
delegates  who  are  not  banks,  bank  holding  companies, 
credit  unions,  building  and  loan  associations,  savings  and 
loan  associations,  savings  banks  or  mutual  banks;  and 

(5)  The  provision  of  electronic  transfer  of  government 
benefits  for  any  federal,  state  or  county  governmental 
agency  as  defined  in  Federal  Reserve  Board  Regulation  E, 
by  a  contractor  for  and  on  behalf  of  the  United  States  or 
any  department,  agency  or  instrumentality  thereof,  or  any 
state  or  any  political  subdivisions  thereof. 

B.  Authorized  delegates  of  a  licensee,  acting  within  the  scope  of  authority 
conferred  by  a  written  contract  as  described  in  Section  18  shall  not  be  required  to 
obtain  a  license  pursuant  to  this  Article. 
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SECTION  5  -  LICENSE  QUALIHCATIONS 

A.  Each  licensee  under  this  Article  shall  at  all  times  have  a  net  worth  of 
not  less  than  one  hvindred  thousand  dollars  ($100,000),  calculated  in  accordance  with 
generally  accepted  accounting  principles.  Licensees  engaging  in  money 
transmission  at  more  than  one  location  or  through  authorized  delegates  shall  have 
an  additional  net  worth  of  $50,000  per  location  or  agent  located  in  the  State,  as 
applicable,  to  a  maximum  of  $500,000. 

B.  Every  corporate  applicant,  at  the  tin\e  of  filing  of  an  application  for  a 
license  under  this  Article  and  at  all  times  after  a  license  is  issued,  shall  be  in  good 
standing  in  the  state  of  its  incorporation.  All  non-corporate  applicants  shall,  at  the 
time  of  the  filing  of  an  application  for  a  licerise  imder  this  Article  and  at  all  times 
after  a  license  is  issued,  be  registered  or  qualified  to  do  business  in  the  State. 

SECTION  6  -  PERMISSIBLE  INVESTMENTS  AND  STATUTORY  TRUST 

A.  Each  licensee  under  this  Article  must  at  all  times  possess  permissible 
investments  having  an  aggregate  market  value,  calculated  in  accordance  with 
generally  accepted  accounting  principles,  of  not  less  than  the  aggregate  face  amount 
of  all  outstanding  payment  instruments  issued  or  sold  by  the  licensee  in  the  United 
States.   This  requirement  may  be  waived  by  the  Superintendent  if  the  dollar  volume 
of  a  licensee's  outstanding  payment  instruments  does  not  exceed  the  bond  or  other 
security  devices  posted  by  the  licensee  pursuant  to  Section  8. 

B.  Permissible  investments,  even  if  commingled  with  other  assets  of  the 
licensee,  shall  be  deemed  by  operation  of  law  to  be  held  in  trust  for  the  benefit  of  the 
purchasers  and  holders  of  the  licensee's  outstanding  payment  instruments  in  the 
event  of  the  bankrupty  of  the  licensee. 
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SECnON  7  -  LICENSE  APPLICATION 

Each  application  for  a  license  under  this  Article  shall  be  made  in  writing, 
under  oath,  and  in  a  form  prescribed  by  the  Superintendent.  Each  application  shall 
contain: 

A.  For  all  applicants: 

(1)  The  exact  name  of  the  appliceint,  the  applicant's  principal 
address,  any  fictitious  or  trade  name  used  by  the  applicant 
in  the  conduct  of  its  business  and  the  location  of  the 
applicant's  business  records. 

(2)  The  history  of  the  applicant's  material  litigation  and 
criminal  convictions  for  the  five  (5)  year  period  prior  to 
the  date  of  the  application. 

(3)  A  description  of  the  activities  conducted  by  the  applicant 
and  a  history  of  operations. 

(4)  A  description  of  the  business  activities  in  which  the 
applicant  seeks  to  be  engaged  in  the  State. 

(5)  A  list  identifying  the  applicant's  proposed  authorized 
delegates  in  the  state,  if  any,  at  the  time  of  the  filing  of  the 
license  application. 

(6)  A  sample  authorized  delegate  contract,  if  applicable. 

(7)  A  sample  form  of  payment  instrument,  if  applicable. 

(8)  The  location(s)  at  which  the  applicant  and  its  authorized 
delegates,  if  any,  propose  to  conduct  the  licensed  activities 
in  the  State. 

(9)  The  name  and  address  of  the  clearing  bank  or  banks  on 
which  the  applicant's  payment  instruments  will  be  drawn 
or  through  which  such  payment  instruments  will  be 
payable. 

B.  If  the  applicant  is  a  corporation,  the  applicant  must  also  provide: 

(1)  The  date  of  the  applicant's  incorporation  and  state  of 
incorporation. 

(2)  A  certificate  of  good  standing  from  the  state  in  which  the 
applicant  was  incorporated. 
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(3)  A  description  of  the  corporate  structure  of  the  applicant, 
including  the  identity  of  any  parent  or  subsidiary  of  the 
applicant,  and  the  disclosure  of  whether  any  parent  or 
subsidiary  is  publicly  traded  on  any  stock  exchange. 

(4)  The  name,  business  and  residence  address,  and 
employment  history  for  the  past  five  (5)  years  of  the 
applicant's  executive  officers  and  the  officer(s)  or 
managers  who  will  be  in  charge  of  the  appliceint's 
activities  to  be  licer\sed  hereunder. 

(5)  The  name,  business  and  residence  address,  and 
employment  history  for  the  period  five  (5)  years  prior  to 
the  date  of  the  application  of  any  key  shareholder  of  the 
applicant. 

(6)  The  history  of  material  litigation  and  criminal 
convictions  for  the  five  (5)  year  period  prior  to  the  date  of 
the  application  of  every  executive  officer  or  key 
shareholder  of  the  applicant. 

(7)  A  copy  of  the  applicant's  most  recent  audited  financial 
statement  (including  balance  sheet,  statement  of  income 
or  loss,  statement  of  changes  in  shareholder  equity  and 
statement  of  changes  in  financial  position)  and,  if 
available,  the  applicant's  audited  financial  statements  for 
the  immediately  preceding  two  (2)  year  period.  However, 
if  the  applicant  is  a  wholly  owned  subsidiary  of  another 
corporation,  the  applicant  may  submit  either  the  parent 
corporation's  consolidated  audited  financial  statements 
for  the  current  year  and  for  the  immediately  preceding 
two  (2)  year  period  or  the  parent  corporation's  Form  lOK 
reports  filed  with  the  United  States  Securities  and 
Exchcinge  Commission  for  the  prior  three  (3)  years  in  lieu 
of  the  applicant's  financial  statements.   If  the  Applicant  is 
a  wholly  ovaied  subsidiary  of  a  corporation  having  its 
principal  place  of  business  outside  the  United  States, 
similar  documentation  filed  with  the  parent  corporation's 
non-United  States  regulator  may  be  submitted  to  satisfy 
this  provision. 

(8)  Copies  of  all  filings,  if  any,  made  by  the  applicant  with  the 
United  States  Securities  and  Exchange  Commission,  or 
with  a  similar  regulator  in  a  country  other  than  the 
United  States,  within  the  year  preceding  the  date  of  filing 
of  the  application. 
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C.         If  the  applicant  is  not  a  corporation,  the  applicant  must  also  provide: 

(1)  The  name,  business  and  residence  address,  personal 
financial  statement  and  employment  history,  for  the  past 
five  (5)  years,  of  each  principal  of  the  applicant  and  the 
name,  business  and  residence  address,  and  employment 
history  for  the  past  five  (5)  years  of  any  other  person  or 
persons  who  will  be  in  charge  of  the  applicant's  activities 
to  be  licensed  hereunder. 

(2)  The  place  and  date  of  the  applicant's  registration  or 
qualification  to  do  business  in  this  State; 

(3)  The  history  of  material  litigation  and  criminal 
convictior\s  for  the  five  (5)  year  period  prior  to  the  date  of 
the  application  for  each  individual  having  any  ownership 
interest  in  the  applicant  and  each  individual  who 
exercises  supervisory  responsibility  with  respect  to  the 
applicant's  activities;  and 

(4)  Copies  of  the  applicant's  audited  financial  statements 
(including  balance  sheet,  statement  of  income  or  loss,  and 
statement  of  changes  in  financial  position)  for  the  current 
year  and,  if  available,  for  the  immediately  preceding  two 
(2)  year  period. 

The  Superintendent  is  authorized,  for  good  cause  shown,  to  waive  any 

requirement  of  this  section  with  respect  to  any  license  application  or  to  permit  a 

license  applicant  to  submit  substituted  information  in  its  licer\se  application  in  lieu 

of  the  information  required  by  this  section. 

SECTION  8  -  BOND  OR  OTHER  SECURITY  DEVICE 

A.        Each  application  must  be  accompanied  by  a  surety  bond,  irrevocable 
letter  of  credit  or  such  other  similar  security  device  (hereinafter  "security  device") 
acceptable  to  the  Superintendent  in  the  amount  of  fifty  thousand  dollars  ($50,000).  If 
the  applicant  proposes  to  engage  in  business  under  this  Article  at  more  than  one 
location,  through  authorized  delegates  or  otherwise,  then  the  amount  of  the 
security  device  will  be  increased  by  ten  thousand  dollars  ($10,000)  per  location,  up  to 
a  maximum  of  two  hundred  fifty  thousand  dollars  ($250,000).  The  security  device 
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shall  be  in  a  form  satisfactory  to  the  Superintendent  and  shall  run  to  the  State  for 
the  benefit  of  any  claimants  against  the  licensee  to  secure  the  faithful  performance 
of  the  obligatioris  of  the  licensee  with  respect  to  the  receipt,  handling,  transmission, 
and  payment  of  money  in  connection  with  the  sale  and  issuance  of  payment 
instruments  and/or  transmission  of  money.  In  the  case  of  a  bond,  the  aggregate 
liability  of  the  surety  in  no  event  shall  exceed  the  principal  sum  of  the  bond. 
Claimants  against  the  licensee  or  its  authorized  delegates  may  themselves  bring  suit 
directly  on  the  security  device  or  the  Superintendent  may  bring  suit  on  behalf  of 
such  claimants,  either  in  one  action  or  in  successive  actions. 

B.  In  lieu  of  such  security  device  or  of  any  portion  of  the  principal  thereof, 
as  required  by  this  section,  the  licensee  may  deposit  with  the  Superintendent,  or 
with  such  banks  in  this  State  as  the  licensee  may  designate  and  the  Superintendent 
may  approve,  cash,  interest-bearing  stocks  and  bonds,  notes,  debentures  or  other 
obligations  of  the  United  States  or  any  agency  or  instrumentality  thereof,  or 
guaranteed  by  the  United  States,  or  of  this  State,  or  of  a  city,  county,  town,  village, 
school  district  or  instrumentality  of  this  State,  or  guaranteed  by  this  State,  to  an 
aggregate  amount,  based  upon  principal  amount  or  market  value,  whichever  is 
lower,  of  not  less  than  the  amount  of  the  security  device  or  portion  thereof.   The 
securities  and /or  cash  shall  be  deposited  as  aforesaid  and  held  to  secure  the  same 
obligations  as  would  the  security  device,  but  the  depositor  shall  be  entitled  to  receive 
all  interest  and  dividends  thereon,  shall  have  the  right,  with  the  approval  of  the 
Superintendent,  to  substitute  other  securities  for  those  deposited,  and  shall  be 
required  so  to  do  on  written  order  of  the  Superintendent  made  for  good  cause 
shown. 

C.  The  security  device  shall  remain  in  effect  until  cancellation,  which 
may  occur  only  after  thirty  days'  written  notice  to  the  Superintendent.  Cancellation 
shall  not  affect  any  liability  incurred  or  accrued  during  said  period. 
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D.        The  security  device  shall  remain  in  place  for  no  longer  than  five  years 
after  the  licensee  ceases  money  transmission  operatior\s  in  the  State.   However, 
notwrithstanding  this  provision,  the  Superintendent  may  permit  the  security  device 
to  be  reduced  or  eliminated  prior  to  that  time  to  the  extent  that  the  amount  of  the 
licensee's  payment  instruments  outstanding  in  this  State  are  reduced.   The 
Superintendent  may  also  permit  a  licensee  to  substitute  a  letter  of  credit  or  such 
other  form  of  security  device  acceptable  to  the  Superintendent  for  the  security 
device  in  place  at  the  time  the  licensee  ceases  money  transmission  operations  in  the 
State. 

SECTION  9  -  APPLICATION  FEE 

Each  application  must  be  accompanied  by  a  non-refundable  application  fee  in 

the  amount  of  $ .     The  application  fee  shall  also 

constitute  the  license  fee  for  the  applicant's  first  year  of  activities  if  the  license  is 
granted. 

SECTION  10  -  ISSUANCE  OF  LICENSE 

A.        Upon  the  filing  of  a  complete  application,  the  Superintendent  shall 
investigate  the  financial  condition  and  responsibility,  financial  and  business 
experience,  character  and  general  fitness  of  the  applicant.   The  Superintendent  may 
conduct  an  on-site  investigation  of  the  applicant,  the  reasonable  cost  of  which  shall 
be  borne  by  the  applicant.  If  the  Superintendent  finds  that  the  applicant's  business 
will  be  conducted  honestly,  fairly  and  in  a  manner  commanding  the  confidence  and 
trust  of  the  community  and  that  the  applicant  has  fulfilled  the  requirements 
imposed  by  this  Article  and  has  paid  the  required  license  fee,  the  Superintendent 
shall  issue  a  license  to  the  applicant  authorizing  the  applicant  to  engage  in  the 
licensed  activities  in  this  State  for  a  term  of  one  year.  If  these  requirements  have 
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not  been  met,  the  Commissioner  shall  deny  the  application  in  a  writing  setting  forth 
the  reasons  for  the  denial. 

B.  The  Superintendent  shall  approve  or  deny  every  application  for  an 
original  license  within  one  hundred  twenty  (120)  days  from  the  date  a  complete 
application  is  submitted,  which  period  may  be  extended  by  the  written  consent  of 
the  applicant.   The  Superintendent  shall  notify  the  applicant  of  the  date  when  the 
application  is  deemed  complete.  In  the  absence  of  approval  or  denial  of  the 
application,  or  consent  to  the  extension  of  the  one  hundred  eighty  day  period,  the 
application  is  deemed  approved  and  the  Superintendent  shall  issue  the  license 
effective  as  of  the  first  day  after  the  one  himdred  eighty  day  or  extended  period  has 
elapsed. 

C.  Any  applicant  aggrieved  by  a  denial  issued  by  the  Superintendent 
imder  this  Section  may  at  any  time  within  thirty  (30)  days  from  the  date  of  receipt  of 
written  notice  of  the  denial  contest  the  denial  by  serving  a  response  on  the 
Superintendent.    The  serving  of  a  response  on  the  Superintendent  shall 
automatically  stay  the  denial  until  a  final  ruling  in  such  hearing  is  announced.  The 
Superintendent  shall  set  a  date  for  a  hearing  not  later  than  sixty  (60)  days  after 
service  of  the  response,  unless  a  later  date  is  set  with  the  consent  of  the  denied 
applicant. 

SECTION  11  -  RENEWAL  OF  LICENSE  AND  ANNUAL  REPORT 

A.  The  Superintendent  shall,  by  rule,  establish  an  annual  fee  for  renewal 
of  a  license  under  this  Chapter. 

B.  The  renewal  fee  shall  be  accompanied  by  a  report,  in  a  form  prescribed 
by  rule  by  the  Superintendent,  which  form  shall  be  sent  by  the  Superintendent  to 
each  licensee  no  later  than  three  months  immediately  preceding  the  date  established 
by  the  Superintendent,  by  rule,  for  license  renewal.   The  licensee  must  include  in  its 
annual  renewal  report: 
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(1)  a  copy  of  its  most  recent  audited  consolidated  annual 
financial  statement  (including  balance  sheet,  statement  of 
income  or  loss,  statement  of  changes  in  shareholder's 
equity  and  statement  of  chcmges  in  financial  position),  or, 
in  the  case  of  a  licensee  that  is  a  wholly  owned  subsidiary 
of  another  corporation,  the  consolidated  audited  armual 
financial  statement  of  the  parent  corporation  may  be  filed 
in  lieu  of  the  licensee's  audited  annual  financial 
statement; 

(2)  for  the  most  recent  quarter  for  which  data  is  available 
prior  to  the  date  of  the  filing  of  the  renewal  application, 
but  in  no  event  more  than  120  days  prior  to  the  renewal 
date,  the  licerisee  must  provide  the  number  of  payment 
instnmients  sold  by  the  licensee  in  the  State,  the  dollar 
amount  of  those  instruments  and  the  dollar  amount  of 
those  instruments  currently  outstanding; 

(3)  any  material  changes  to  any  of  the  information  submitted 
by  the  licensee  on  its  original  application  which  have  not 
previously  been  reported  to  the  Superintendent  on  any 
other  report  required  to  be  filed  under  this  Article. 

(4)  a  list  of  the  licensee's  permissible  investments; 

(5)  a  list  of  the  locations  within  this  State  at  which  business 
regulated  by  this  Act  is  being  conducted  by  either  the 
licensee  or  its  authorized  delegate. 

C.        A  licensee  that  has  not  filed  a  renewal  report  or  paid  its  renewal  fee  by 

the  renewal  filing  deadline  and  has  not  been  granted  an  extension  of  time  to  do  so 

by  the  Superintendent  shall  be  notified  by  the  Superintendent,  in  writing,  that  a 

hearing  will  be  scheduled  at  which  time  the  licensee  will  be  required  to  show  cause 

why  its  license  should  not  be  suspended  pending  compliance  with  these 

requirements. 

SECTION  12  -  EXTRAORDINARY  REPORTING  REQUIREMENTS 

A.        Within  fifteen  (15)  days  of  the  occurrence  of  any  one  of  the  events 
listed  below,  a  licensee  shall  file  a  written  report  with  the  Superintendent  describing 
such  event  and  its  expected  impact  on  the  licensee's  activities  in  the  State: 
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(1)  The  filing  for  bankruptcy  or  reorganization  by  the 
Ucensee; 

(2)  The  institution  of  revocation  or  suspension  proceedings 
against  the  licensee  by  any  state  or  governmental 
authority  v^ith  regard  to  the  licensees'  money 
transmission  activities; 

(3)  Any  felony  indictment  of  the  licensee  or  amy  of  its  key 
officers  or  directors  related  to  money  trar\smission 
activities; 

(4)  Any  felony  conviction  of  the  licensee  or  any  of  its  key 
officers  or  directors  related  to  money  trarismission 
activities. 

SECTION  13  -  CHANGES  IN  CONTROL  OF  A  LICENSEE 

Within  15  days  of  a  change  or  acquisition  of  control  of  a  licensee,  the  licensee 
shall  provide  notice  of  such  event  to  the  Superintendent  in  v^riting  and  in  such 
form  as  the  Superintendent  may  prescribe  by  rule,  and  shall  be  accompanied  by  such 
information,  data  and  records  as  the  Superintendent  may  require  by  rule. 
Notwithstanding  the  foregoing,  the  Superintendent  may  waive  this  notification 
requirement  if,  in  the  Superintendent's  discretion,  the  change  in  control  does  not 
pose  any  risk  to  the  interests  of  the  public. 

SECTION  14  -  EXAMINATIONS 

A.        The  Superintendent  may  conduct  an  annual  on-site  examination  of  a 
licensee  upon  forty-five  days  (45)  written  notice  to  the  licensee.  Should  the 
Superintendent  conclude  that  an  on-site  examination  of  a  licensee  is  necessary,  the 
licerisee  shall  pay  all  reasonably  incurred  costs  of  such  examination.  If  the 
Superintendent  determines,  based  on  the  licensee's  financial  statements  and  past 
history  of  operations  in  the  State,  that  an  on-site  examination  is  urmecessary,  the 
on-site  examination  may  be  waived  by  the  Superintendent.   The  on-site 
examination  may  be  conducted  in  conjunction  with  examinations  to  be  performed 
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by  representatives  of  agencies  of  another  state  or  states.  The  Superintendent,  in  lieu 
of  an  on-site  examination,  may  accept  the  examination  report  of  an  agency  of 
another  state,  or  a  report  prepared  by  an  independent  accounting  firm,  and  reports 
so  accepted  are  considered  for  «ili  purposes  as  an  official  report  of  the 
Superintendent. 

B.        The  Superintendent  may  request  financial  data  from  a  licensee  in 
addition  to  that  required  imder  Section  11,  or  conduct  an  on-site  examination  of  any 
authorized  delegate  or  location  of  a  licensee  within  this  State  without  prior  notice  to 
the  authorized  delegate  or  licensee  only  if  the  Superintendent  has  a  reasonable  basis 
to  believe  that  the  licensee  or  authorized  delegate  is  in  noncompliance  with  this 
Article.    When  the  Superintendent  examines  an  authorized  delegate's  operations, 
the  authorized  delegate  shall  pay  all  reasonably  incurred  costs  of  such  examination. 
When  the  Superintendent  examines  a  licer\see's  location  within  the  State,  the 
licensee  shall  pay  all  reasonably  incurred  costs  of  such  examination. 

SECTION  15  -  MAINTENANCE  OF  RECORDS 

A.        Each  licensee,  shall  make,  keep  and  preserve  the  following  books, 
accounts  and  other  records  for  a  period  of  three  (3)  years: 

(1)  a  record  or  records  of  each  payment  iristrument  sold; 

(2)  a  general  ledger  containing  all  assets,  liability,  capital, 
income  and  expense  accounts  (which  general  ledger  shall 
be  posted  at  least  monthly); 

(3)  Settlement  sheets  received  from  authorized  delegates; 

(4)  bank  statements  and  bank  reconciliation  records; 

(5)  records  of  outstanding  payment  instrimients; 

(6)  records  of  each  payment  irxstrument  paid  within  the  three 
(3)  year  period; 

(7)  a  list  of  the  names  and  addresses  of  all  of  the  licensee's 
authorized  delegates. 
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B .  Maintenance  of  such  documents  as  are  required  by  this  section  in  a 
photographic,  electronic  or  other  similar  form  shall  constitute  compliance  with  this 
section. 

C.  Records  may  be  maintained  at  a  location  other  than  within  this  State  so 
long  as  they  are  made  accessible  to  the  Superintendent  on  seven  (7)  days  written 
notice. 

SECTION  16  -  CONFIDENTIALITY  OF  DATA  SUBMITTED  TO  THE 
SUPERINTENDENT 

A.  Notwithstanding  any  other  provision  of  law,  all  information  or  reports 
obtained  by  the  Department  from  an  applicant,  licensee  or  authorized  delegate, 
whether  obtained  through  reports,  applications,  examination,  audits,  investigation, 
or  otherwise,  including,  but  not  limited  to:    (a)  all  information  contained  in  or 
related  to  examination,  investigation,  operating,  or  condition  reports  prepared  by, 
on  behalf  of,  or  for  the  use  of  the  Department;  or  (b)  financial  statements,  balance 
sheets,  or  authorized  delegate  information,  are  confidential  and  may  not  be 
disclosed  or  distributed  outside  the  Department  by  the  Superintendent  or  any  officer 
or  employee  of  the  Department.   The  Superintendent,  however,  may  provide  for 
the  release  of  information  to  representatives  of  state  or  federal  agencies  who  state  in 
writing  under  oath  that  they  shall  maintain  the  confidentiality  of  such  information 
if:   (a)  the  licensee  provides  consent  prior  to  the  release;  or  (b)  the  Superintendent 
finds  that  the  release  is  reasonably  necessary  for  the  protection  of  the  public  and  in 
the  interests  of  justice,  and  the  licensee  has  been  given  prior  notice  by  the 
Superintendent  of  its  intent  to  release  such  information. 

B.  Nothing  in  this  Section  shall  prohibit  the  Superintendent  from 
releasing  to  the  public  a  list  of  persons  licensed  under  this  Article  or  to  release 
aggregated  financial  data  on  such  licensees. 
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SECTION  17  -  SUSPENSION  OR  REVOCATION  OF  LICENSES 

After  notice  and  hearing,  the  Superintendent  may  suspend  or  revoke  a 
licensee's  license  if  the  Superintendent  finds  that: 

A.  Any  fact  or  condition  exists  that,  if  it  had  existed  at  the  time  when  the 
licensee  applied  for  its  license,  would  have  been  grounds  for  denying  such 
application; 

B.  The  licensee's  net  worth  becomes  inadequate  and  the  licensee,  after  ten 
(10)  days  written  notice  from  the  Superintendent,  fails  to  take  such  steps  as  the 
Superintendent  deems  necessary  to  remedy  such  deficiency; 

C.  The  licensee  knowingly  violates  any  material  provision  of  this  Article 
or  any  rule  or  order  validly  promulgated  by  the  Superintendent  under  authority  of 
this  title; 

D.  The  licensee  is  conducting  its  business  in  an  unsafe  or  unsound 
manner; 

E.  The  licensee  is  insolvent; 

F.  The  licensee  has  suspended  payment  of  its  obligations,  has  made  an 
assignment  for  the  benefit  of  its  creditors,  or  has  admitted  in  writing  its  inability  to 
pay  its  debts  as  they  become  due; 

G.  The  licensee  has  applied  for  an  adjudication  of  bankruptcy, 
reorganization,  arrangement,  or  other  relief  under  any  bankruptcy. 

H.        The  licensee  refuses  to  permit  the  Superintendent  to  make  any 
examination  authorized  by  this  Article;  or 

I.         The  licerisee  willfully  fails  to  make  any  report  required  by  this  Article. 

SECTION  18  -  AUTHORIZED  DELEGATE  CONTRACTS 

Licensees  desiring  to  conduct  licensed  activities  through  authorized 
delegates  shall  authorize  each  delegate  to  operate  pursuant  to  an  express  written 
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contract,  which  for  contracts  entered  into  after  the  effective  date  of  this  act,  shall 
provide  the  following: 

A.  That  the  licensee  appoints  the  person  as  its  delegate  with  authority  to 
engage  in  money  transmission  on  behalf  of  the  licensee; 

B.  That  neither  a  licensee  nor  an  authorized  delegate  may  authorize  sub- 
delegates  without  the  written  consent  of  the  Superintendent; 

C.  That  licensees  are  subject  to  supervision  and  regulation  by  the 
Superintendent. 

SECTION  19  -  AUTHORIZED  DELEGATE  CONDUCT 

A.  An  authorized  delegate  shall  not  make  any  fraudulent  or  false 
statement  or  misrepresentation  to  a  licensee  or  to  the  Superintendent. 

B.  All  money  transmission  or  sale  or  issuance  of  payment  iiistrument 
activities  conducted  by  authorized  delegates  shall  be  strictly  in  accordance  with  the 
licensee's  written  procedures  provided  to  the  authorized  delegate. 

C.  An  authorized  delegate  shall  remit  all  money  owing  to  the  licensee  in 
accordance  with  the  terms  of  the  contract  between  the  licensee  and  the  authorized 
delegate.  The  failure  of  an  authorized  delegate  to  remit  all  money  owing  to  a 
licensee  within  the  time  presented  shall  result  in  liability  of  the  authorized  delegate 
to  the  licensee  for  three  times  the  licensee's  actual  damages.  The  Commissioner 
shall  have  the  discretion  to  set,  by  regulation,  the  maximum  remittance  time. 

D.  An  authorized  delegate  is  deemed  to  consent  to  the  Superintendent's 
inspection,  with  or  without  prior  notice  to  the  licensee  or  authorized  delegate(s),  of 
the  books  and  records  of  authorized  delegates(s)  of  the  licensee  when  the 
Superintendent  has  a  reasonable  basis  to  believe  that  the  licensee  or  authorized 
delegate  is  in  noncompliance  with  this  Article;  and 

E.  An  authorized  delegate  is  under  a  duty  to  act  only  as  authorized  under 
the  contract  with  the  licensee  and  that  an  authorized  delegate  who  exceeds  its 
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authority  is  subject  to  cancellation  of  its  contract  and  further  disciplinary  action  by 
the  Superintendent. 

F.  All  funds  (less  fees)  received  by  an  authorized  delegate  of  a  licensee 
from  the  sale  or  delivery  of  a  payment  instrument  issued  by  a  licensee  or  received  by 
an  authorized  delegate  for  transmission  shall,  from  the  time  such  funds  are 
received  by  such  authorized  delegate  until  such  time  v^^hen  the  funds  or  an 
equivalent  amount  are  remitted  by  the  authorized  delegate  to  the  licensee, 
constitute  trust  funds  ownied  by  and  belonging  to  the  Iicer\see.  If  an  authorized 
delegate  commingles  any  such  fimds  with  any  other  funds  or  property  owned  or 
controlled  by  the  authorized  delegate,  all  commingled  proceeds  and  other  property 
shall  be  impressed  with  a  trust  in  favor  of  the  licensee  in  an  amount  equal  to  the 
amount  of  the  proceeds  due  the  licensee. 

G.  An  authorized  delegate  shall  report  to  the  licensee  the  theft  or  loss  of 
payment  instruments  within  24  hours  from  the  time  it  knew  or  should  have 
known  of  such  theft  or  loss. 

SECTION  20  -  REVOCATION  OR  SUSPENSION  OF  AUTHORIZED 
DELEGATES 

A.        If,  after  notice  and  a  hearing,  the  Superintendent  finds  that  any 

authorized  delegate  of  a  licensee  or  any  director,  officer,  employee,  or  controlling 

person  of  such  authorized  delegate:   (1)  has  violated  any  provision  of  this  Article  or 

of  any  rule  or  regulation  or  order  issued  under  this  Article;  (2)  has  engaged  in 

participated  in  any  unsafe  or  unsound  act  v/ith  respect  to  the  business  of  selling  or 

issuing  payment  instruments  of  the  licensee  or  the  business  of  money  transmission; 

or  (3)  has  made  or  caused  to  be  made  in  any  application  or  report  filed  with  the 

Superintendent  or  in  any  proceeding  before  the  Superintendent,  any  statement 

which  was  at  the  time  and  in  the  circumstances  under  which  it  was  made,  false  or 

misleading  with  respect  to  any  material  fact,  or  has  omitted  to  state  in  any  such 
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application  or  report  any  material  fact  which  is  required  to  be  stated  therein,  the 
Superintendent  may  issue  an  order  suspending  or  barring  such  authorized  delegate 
from  continuing  to  be  or  becoming  an  authorized  delegate  of  any  licensee  during 
the  period  for  which  such  order  is  in  effect.  Upon  issuance  of  such  order,  the 
licensee  shall  terminate  its  relationship  with  such  authorized  delegate  according  to 
the  terms  of  the  order. 

B.         (1)        Any  authorized  delegate  to  whom  an  order  is  issued  under  this 
Section  may  apply  to  the  Superintendent  to  modify  or  rescind  such  order.  The 
Superintendent  shall  not  grant  such  application  unless  the  Superintendent  finds 
that  it  is  in  the  public  interest  to  do  so  and  that  it  is  reasonable  to  believe  that  such 
person  will,  if  and  when  such  person  is  permitted  to  resume  being  an  authorized 
delegate  of  a  licensee,  comply  with  all  applicable  provisions  of  this  Article  and  of 
any  regulation  and  order  issued  under  this  Article. 

(2)       The  right  of  any  authorized  delegate  to  whom  an  order  is  issued 
under  this  Section  to  petition  for  judicial  review  of  such  order  shall  not  be  affected 
by  the  failure  of  such  person  to  apply  to  the  Superintendent  to  modify  or  rescind  the 
order. 

SECTION  21  -  LICENSEE  LIABILITY 

A  licensee's  responsibility  to  any  person  for  a  money  transmission  conducted 
on  that  person's  behalf  by  the  licensee  or  the  licensee's  authorized  delegate  shall  be 
limited  to  the  amount  of  money  transmitted  or  the  face  amount  of  the  payment 
instrument  purchased. 

SECTION  22  -  HEARINGS  -  PROCEDURES 

The  provisions  of  the  uniform  Administrative  Procedures  Act  shall  apply  to 
any  hearing  afforded  pursuant  to  this  Article. 
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SECTION  23  -  CIVIL  PENALTIES 

A.  If,  after  notice  and  hearing,  the  Superintendent  finds  that  a  person  has 
intentionally  violated  this  Act  or  a  rule  adopted  under  this  Act,  the  Superintendent 
may  order  the  person  to  pay  to  the  Superintendent  a  civil  penalty  in  an  amount 
specified  by  the  Superintendent,  not  to  exceed  One  Thousand  Dollars  ($1,000)  for 
each  violation  or,  in  the  case  of  a  continuing  violation.  One  Thousand  Dollars 
($1,000)  for  each  day  that  the  violation  continues.   No  such  proceeding  shall  be 
initiated  and  no  penalty  shall  be  assessed  pursuant  to  this  Section  until  after  such 
person  has  been  notified  in  writing  of  the  nature  of  the  violation  and  has  been 
afforded  a  reasonable  period  of  time,  as  set  forth  in  the  notice,  to  correct  the 
violation  and  has  failed  to  do  so.    The  provisions  of  the  Uniform  Administrative 
Procedures  Act  shall  apply  to  such  hearing. 

B.  The  Superintendent,  in  the  exercise  of  his  reasonable  judgment,  is 
authorized  to  compromise,  settle,  and  collect  civil  penalties  with  any  person  for 
violations  of  any  provision  of  this  Article,  or  of  any  rule,  regulation  or  order  issued 
or  promulgated  pursuant  to  this  Article. 

SECTION  24  -  ENFORCEMENT 

A.  If  it  appears  to  the  Superintendent  that  any  person  has  committed  or  is 
about  to  commit  a  violation  of  any  provision  of  this  Article  or  of  any  rule  or  order 
of  the  Superintendent,  the  Superintendent  may  apply  to  the 

court  for  an  order  enjoining  such  person  from  violating 

or  continuing  to  violate  this  Article  or  any  rule,  regulation  or  order  and  for 
injunctive  or  such  other  relief  as  the  nature  of  the  case  may  require. 

B.  The  Superintendent  may  enter  into  consent  orders  at  any  time  with 
any  person  to  resolve  any  matter  arising  under  this  Article.   A  consent  order  must 
be  signed  by  the  person  to  whom  it  is  issued  or  a  duly  authorized  representative, 
and  must  indicate  agreement  to  the  terms  contained  therein.   A  consent  order  need 
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not  constitute  an  admission  by  any  person  that  any  provision  of  this  Article,  or  any 
rule,  regulation  or  order  promulgated  or  issued  thereunder  has  been  violated,  nor 
need  it  constitute  a  finding  by  the  Superintendent  that  such  person  has  violated  any 
provision  of  this  Article  or  any  rule,  regulation  or  order  promulgated  or  issued 
thereunder. 

C.        Notwithstanding  the  issuance  of  a  consent  order,  the  Superintendent 
may  seek  civil  or  criminal  penalties  or  compromise  civil  penalties  concerning 
matters  encompassed  by  the  consent  order,  unless  the  consent  order  by  its  terms 
expressly  precludes  the  Superintendent  from  so  doing. 

SECTION  25  -  CRIMINAL  PENALTIES 

A.  Any  person  who  knowingly  and  willfully  violates  «iny  provision  of 
this  Article  for  which  a  penalty  is  not  specifically  provided  is  guilty  of  a 
misdemeanor. 

B.  Any  person  who  knowingly  and  willfully  makes  a  material,  false 
statement  in  any  document  filed  or  required  to  be  filed  under  this  Article  with  the 
intent  to  deceive  the  recipient  of  the  document  is  guilty  of  a  felony. 

C.  Any  person  who  knowingly  and  willfully  engages  in  the  business  of 
money  transmission  without  a  license  as  provided  herein  shall  be  guilty  of  a  felony. 

SECTION  26  -  PROMULGATION  OF  RULES 

All  rules  and  regulations  promulgated  by  the  Superintendent  pursuant  to 
authority  conferred  by  this  Article  will  be  in  accordance  with  the  Uniform 
Administrative  Procedures  Act.   In  addition  thereto,  at  the  time  the  Superintendent 
files  a  notice  of  proposed  adoption,  amendment  or  repeal  of  a  rule  for  public 
comment,  a  copy  of  said  notice  will  be  sent  by  regular  U.S.  mail,  postage  prepaid,  to 
all  then  current  licensees  and  applicants  for  licenses  under  this  Article. 
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SECTION  27  -  SEVERABILITY 

Should  any  provision,  sentence,  clause,  section  or  part  of  this  Article  for  any 
reason  be  held  unconstitutional,  illegal  or  invalid,  such  unconstitutionality, 
illegality,  or  invalidity  shall  not  affect  or  impair  any  of  the  remaining  provisions, 
sentences,  clauses,  sections  or  part  of  this  Article.  It  is  hereby  declared  to  be  the 
intention  of  this  Legislature  that  this  Article  would  have  been  adopted  had  such 
uncor\stitutional,  illegal  or  invalid  sentence,  clause,  section  or  part  thereof  not  been 
included  herein. 

SECTION  28  -APPOINTMENT  OF  SUPERINTENDENT  AS  AGENT  FOR 
SERVICE  OF  PROCESS 

A.  Any  licensee,  authorized  delegate  or  other  person  who  knowingly 
engages  in  business  activities  that  are  regulated  under  this  Article,  with  or  without 
filing  an  application,  is  deemed  to  have  done  both  of  the  following: 

(1)  Consented  to  the  jurisdiction  of  the  courts  of  this  State  for 
all  actions  arising  vmder  this  Article;  and 

(2)  Appointed  the  Superintendent  as  his  lawful  agent  for  the 
purpose  of  accepting  service  of  process  in  any  action,  suit 
or  proceeding  that  may  arise  under  this  Article. 

B.  Within  three  business  days  after  service  of  process  upon  the 
Superintendent,  the  Superintendent  shall  transmit  by  certified  mail  copies  of  all 
lawful  process  accepted  by  the  Superintendent  as  an  agent  to  that  person  at  its  last 
known  address.  Service  of  process  shall  be  considered  complete  three  (3)  business 
days  after  the  Superintendent  deposits  copies  of  the  documents  in  the  United  States 
mail. 

SECTION  29  -  MULTIPLE  LICENSES 

Any  person  licensed  under  this  Article  shall  not  be  required  also  to  obtain  a 
separate  license  to  engage  in  either  the  cashing  of  checks  or  the  exchange  of  foreign 
currency  in  the  State. 
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SECnON  30  -  EFFECTIVE  DATE 

This    article    shall   be    effective    on 


Every  person  engaged  in  activities  within  this  State  encompassed  by  this  Article  at 
the  time  of  the  Article's  adoption,  except  those  persons  already  licensed  under 

in  this  State,  shall  file  an  application  in  accordance  with 

the  provisions  of  this  Article  within  three  months  after  the  date  this  Article 
becomes  effective.    Those  persons  already  licensed  under in 


this  State  must  file  an  application  for  a  renewal  licer\se  pursuant  to  this  Article 
within  three  months  after  the  date  this  Article  becomes  effective.   No  person  shall 
be  deemed  to  be  in  violation  of  this  Article  for  operating  without  a  license  if  it  files 
an  application  within  such  three  month  period,  vmless  and  imtil  such  application  is 
denied. 
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Preliminary  Views 

MARCH  26, 1996 


AD  HOC  INDUSTRY  GROUP 
OF  MONEY  TRANSMITTERS 

THE  SERVICES  THEY  PROVIDE  AND  THE  HIGH  TECHNOLOGY 
CHALLENGE  OF  THE  FUTURE 


INTRODUCTION 

News  of  the  technology  revolution  in  data  communications  is  ever^'where. 
That  revolution  includes  new  ways  to  transmit  hinds  through  the  use  of  the 
Internet  and  such  devices  as  smart  cards.  Along  with  this  new  technologv, 
non-tradihonal  funds  transfer  companies  are  appearing  that  claim  the  capabilitv 
of  transmitting  money  using  the  new  technology.  These  developments,  in  turn, 
have  given  rise  to  concerns  in  the  United  States  by  regulators  and  the  financial 
industry  alike  -  both  banks  and  non-banks  -  concerning  the  adequacy  of 
existing  regulation  of  funds  transfer  providers  and  the  overriding  public  interest 
in  safety  and  soundness. 

The  traditional  non-bank  money  transmitter  industry  ~  a  diverse  group  of 
non-depository  financial  institutions  that  provides  critical  financial  services  to 
the  public  at  affordable  prices  ~  will  play  a  vital  role  in  the  future  development 
and  implementation  of  new  funds  transfer  products.  In  the  forefront  of  this 
industry  are  members  of  the  Ad  Hoc  Industry  Group  of  Non-Bank  Monev 
Tfetnsmitters  (the  "Ad  Hoc  Group"),  all  nationally  known  "household  names" 
that  have  established  reputations  with  customers  and  regulators  for  safe,  sound 
and  reliable  money  transmission  and  sale  of  checks  services  -  Travelers  Express 
Company,  Inc.,  Comdata  Network,  Inc.,  Thomas  Cook  Inc.,  Citicorp  Services, 
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Inc.,  Western  Union  Financial  Ser\'ices,  Inc.,  Integrated  Payment  Systen^s  Inc. 
and  American  Express  Travel  Related  Services  Company,  Inc.  Some  of  these 
companies  have  been  providing  financial  services  since  the  1800's. 

The  Ad  Hoc  Group  represents  these  major  non-bank  money  transmitters' 
interests  in  legislative  <md  regulatory  matters.  For  many  years,  the  Ad  Hoc 
Group  has  worked  with  federal  amd  state  officials  —  including  the  United  States 
Department  of  the  Treasury,  state  banking  departments  and  the  Money 
Transmitter  Regulators  Association  ("MTRA")  --  to  promote  regulation  of  non- 
bank  money  transmitters  that  is  both  in  the  public  interest  and  cost-effective  for 
the  industry.  The  Ad  Hoc  Group  intends  to  continue  its  efforts  to  insure  that  a 
regulatory  environment  exists  which  will  promote  the  safety  and  soundness  of 
the  new  high  technology  funds  transfer  products. 

I.         THE  AD  HOC  GROUP  MEMBERS  PROVIDE  COST  EFFECTIVE 
MONEY  TRANSMITTER  SERVICES 

The  Ad  Hoc  Group  members,  as  the  major  traditional  non-bank  providers 
of  money  transmission  services  offered  to  the  American  public,  provide  sales  of 
money  orders,  foreign  currency-denominated  checks,  travelers  checks  and 
domeshc  and  foreign  funds  transfers.  In  general,  the  primary  divisions  in  the 
industry  are  between  domestic  and  foreign  transmitters,  those  that  ser\'e 
consumer  and /or  commercial  customers,  those  that  specialize  in  a  particular 
type  of  payment  instrument  (e.g.,  travelers  checks,  money  orders)  and  those  that 
concentrate  in  specific  geographic  or  ethnic  markets. 

Traditional  non-bank  money  transnnitters  have  established  a  solid  and 
growing  base  of  customers.  The  traditional  non-bank  money  transmitters  serve: 
(1)  the  "unbanked"  customers  who  can  no  longer  afford  banks  but  who  need 
domestic  check  and  wire  payment  order  services;  (2)  traditional  bank  customers 
who  need  emergency  or  low-cost  funds  transfer  services;  (3)  customers  who  need 
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to  transfer  money  reliably  and  quickly  to  other  nations;  (4)  foreign  visitors  or 
domestic  tourists  who  have  no  local  bank  account;  and  (5)  businesses  that  desire 
quality  financial  services  at  economical  prices.  In  addition,  traditional  non-bank 
money  transmitters  provide  tailored,  specialized  financial  services  to  middle  and 
small  size  businesses.  With  the  advent  of  the  new  high  technology  funds  transfer 
products,  the  Ad  Hoc  Group  expects  the  customer  base  to  expand  even  further. 

Traditional  non-bank  money  transmitters,  such  as  the  Ad  Hoc  Group 
members  offer  many  advantages  to  their  customers,  including: 

•  servicing  major  segments  of  the  U.S.  population  that  are  effectively 
foreclosed  from  access  to  traditional  depository  institutions 

•  imposing  no  requirements  to  obtain  cash-like  or  check-like  products 

•  offering  convenient  locations,  access,  and  expanded  hours  of  service 
through  a  network  of  local  neighborhood  businesses  such  as 
convenience  stores,  supermarkets,  pharmacies,  travel  agents,  gas 
stations  and  other  retail  outlets 

•  providing  individualized  services  such  as  staff  conversant  in  foreign 
languages  and  the  ability  to  transmit  funds  to  inaccessible  foreign 
locations 

•  providing  quick  access  to  emergency  funds 

The  Ad  Hoc  Group  members,  like  banks,  are  concerned  with  issues 
relating  to  safety  and  soundness  in  the  industry.  As  a  result,  the  Ad  Hoc  Group 
has  supported  constructive  efforts  to  foster  safety  and  soundness  and  has 
engaged  in  self-help  policing  efforts  to  ensure  compliance  with  pertinent  laws. 
Ad  Hoc  Group  members,  through  these  efforts,  not  only  have  earned  the  public's 
trust  for  services  that  are  both  reliable  and  secure,  but  have  achieved  credibilitv 
with  regulators. 

The  Ad  Hoc  Group  members  compete  with  each  other,  with  banks  and 
other  depository  institutions,  and  expect  to  compete  with  new  entrants  in  the 
expanding  funds  transmission  business  ~  both  banks  and  new  non-banks. 
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II.        REGULATION  OF  NON-BANK  MONEY  TRANSMISSION  SERVICES 
EXISTS  IN  THE  UNITED  STATES 

States  —  not  the  federal  government  -  have  been  primarily  responsible  for 
ensuring  safet)'  and  soundness  in  non-bank  money  transmission  services.  Over 
forty  states  currently  regulate  and  license  the  business  of  check  selling  and  a 
lesser  number  regulate  electronic  funds  transmission.  The  Ad  Hoc  Group 
members  actively  support  state  licensing  efforts  aimed  at  protecting  consumers 
against  financial  loss  and  oppose  the  operation  of  unauthorized  or  unlicensed 
money  transmitters. 

Prior  to  entering  the  business  of  non-bank  funds  transmission,  an 
applicant  for  a  License  under  a  typical  state  licensing  law  must  submit  detailed 
information  concerning  operations,  management,  pertinent  regulatory  history, 
financial  statements,  background  of  key  managers,  litigation  history,  clearing 
bank  and  proposed  business  locations.   Moreover,  to  obtain  a  license,  an 
applicant  must  demonstrate  that  it  will  operate  its  business  in  a  safe  amd  sound 
manner.  Most  states  also  require  that  a  licensee  post  a  bond  and  virtually  all 
states  require  money  transmitters  to  meet  specified  net  worth  requirements. 

Moreover,  on  a  continuing  basis,  licensees  are  required  to  file  reports  on  a 
regular  basis  with  state  authorities  concerning  many  facets  of  operations 
including  financial  condition,  volume  of  business,  lists  of  authorized  vendors, 
and  other  information.  Furthermore,  almost  half  of  the  states  have  statutes  that 
relate  to  money  laundering  and  the  Ad  Hoc  Group  supports  state  laws  that 
mirror  federal  anti-money  laundering  laws. 

In  addition  to  reporting  requtrerrierits,  state  licensees  are  subject  to  a 
variety  of  operating  requirements.  For  example,  there  is  a  growing  trend  at  the 
state  level  to  require  licensees  to  maintain  "permissible"  investments  equal  to  the 
amount  of  outstanding  pavment  instruments.  Thus,  a  "permissible  investment" 
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provision  for  licensed  non-banks  is,  in  effect,  a  lOOSb  reserve  requirement,  far  in 
excess  of  the  reserves  required  to  be  maintained  by  banks. 

Many  states  conduct  on-site  examinations  of  licensees,  usually  at  the 
licensee's  expense,  to  ensure  that  operations  are  being  conducted  in  accordance 
with  pertinent  law.  A  growing  number  of  states  also  examine  a  licensee's 
compliance  with  pertinent  money  laundering  laws.  The  Ad  Hoc  Group  has 
supported  the  MTRA's  efforts  to  implement  an  examination  sharing  agreement 
to  permit  states  to  conduct  joint  examinations. 

III.      REGULATION  OF  HIGH  TECHNOLOGY  FUNDS  TRANSFER 
SERVICES 

The  pending  introduction  of  new  high  technology  funds  transfer  services 

by  non-banks  has  raised  concerns  about  whether  the  existing  state  sale  of 

checks/ money  transmitter  laws  apply  to  non-banks  which  utilize  the  new 

technology.  The  answer  to  this  issue  is  complex  and  depends,  to  some  extent,  on 

what  type  of  product  is  involved. 

A.        Stored  Value  -  Including  "Smart  Cards" 

One  new  high  technology  vehicle  is  the  stored  value  card.  Stored  value 
cards  can  be  issued  either  as  a  mag-stripe  card  or  as  a  so-called  "smart  card." 
Smart  cards  are  plastic  cards  the  size  of  a  credit  card  which  contain  a  computer 
"chip"  which  can  be  loaded  with  value  and  other  data.  Stored  value  cards  are 
issued  currently  by  banks,  by  traditional  non-banks  emd  such  entities  as  colleges, 
transportation  systems,  communications  companies,  etc.  Stored  value  cards 
which  can  be -accepted  only  by  the  issuer  (such  as  a  prepaid  phone  card)  are 
designated  as  "closed  systems."  Some  stored  value  cards  can  be  used  in  an  open 
system  (i.e.,  to  purchase  goods  and  services  offered  by  vendors  other  than  the 
issuer  of  the  card). 
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Stored  value  cards  issued  by  depository  institutions  are  probably  exempt 
under  most  state  non-bank  safety  and  soundness  laws  because  banks  are 
generally  exempt  under  such  laws.  Similarly,  stored  value  cards  issued  by  non- 
banks  for  use  only  in  closed  systems  probably  do  not  fall  within  the  jurisdiction 
of  state  sale  of  checks/money  transmission  laws.  Such  closed  system  smart  cards 
issued  by  merch<mts,  colleges  and  transportation  systems  represent  prepayment 
for  goods  and  services;  such  prepayments,  as  in  the  case  of  coupons  and 
promotions,  are  not  usually  viewed  as  falling  within  the  scope  of  the  state  sale  of 
checks  laws. 

As  to  stored  value  cards  issued  by  non-banks  for  use  in  "open  systems," 
those  products  are  already  subject  to  most  of  the  existing  state  sale  of 
checks/money  transmission  laws,  since  most  of  those  laws  define  a  "check"  to 
include  an  "instrument  for  the  transmission  of  monev."  Notably,  those  laws  to 
not  require  that  an  "instrument"  be  on  paper. 

Such  cards  are  the  modem  equivalent  of  multiple  issue  money  orders  or 
travelers  checks.  That  is,  customers  are  paying  a  third  party  and  receiving  a  card 
on  the  assumption  that  the  card  will  be  good  when  presented  for  the  purchase  of 
goods  and  services  at  diverse  locahons. 

Moreover,  it  is  particularly  important  that  such  open  system  stored  value 
cards  be  licensed  to  ensure  a  level  playing  field  among  competing  services.  The 
burdens  of  regulation  should  not  be  dependent  on  whether  the  money 
ttcmsmission  is  accomplished  with  a  piece  of  paper  rather  than  a  piece  of  plastic; 
form  should  not  govern  over  substance.  Moreover,  this  is  a  service  that  is 
attracting  many  new  non-bank  issuers,  other  than  the  traditional  non-bank 
money  transmitters. 
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B.        Internet  Payment  Mechanisms 

A  second  category  of  new  high  technology  funds  transfer  services  are 
those  credit  card  and  other  payment  systems  utilized  to  purchase  goods  and 
services  and/or  transfer  funds  on  the  Internet.  Although  some  new  "net"  funds 
transmission  products  may  be  novel,  others  may  merely  represent  a  new 
delivery  vehicle  for  a  traditional  product. 

Although  it  is  at  least  arguable  that  state  money  transmission  laws  that 
encompass  funds  transmissions  by  electronic  means  apply  to  "net"  funds 
transmissions,  it  is  not  possible  at  this  time  to  generalize  as  to  their  applicability 
to  all  net  funds  transmission  systems  —  there  are  simply  too  many  types  and 
more  are  evolving.  However,  state  regulatory  authorities  should  closely  examine 
"net"  funds  transmission  systems,  with  special  attention  to  those  where: 

•  The  Internet  transmitter  is  a  non-bank  which  is  "holding"  third 
party  funds; 

•  The  Internet  transmitter  is  a  non-bank  which  is  engaged  in  check 
issuing  or  other  activity  which  would  usually  require  a  license. 

In  short,  it  is  important  to  recogni2e  that  utilization  of  the  Internet  for  funds 

transfer  should  not  be  a  shield  from  complving  with  the  law. 

Moreover,  in  analyzing  the  regulatory  ramifications  of  each  such  "net" 

system  on  a  case  by  case  basis,  state  regulators  should  not  be  influenced  by  the 

arguments  that  regulation,  in  and  of  itself,  will  impede  technological  innovation. 

Rather,  the  states  should  be  working  together,  through  the  MTRA  and  in 

conjunction  with  federal  agencies,  to  coordinate  reasonable  approaches  to 

regulation  that  balance  safety  and  soundness  interests  with  the  needs  of  the 

fledgling  "net"  based  systems  to  develop. 
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IV.      CONCLUSION 

Traditional  non-bank  money  transmitters  in  the  United  States  are 
regulated,  safe  and  reliable.  The  Ad  Hoc  Group  members  have  a  demonstrated 
record  of  providing  cost  effective  money  transmission  services  since  the  1800's 
and  of  working  with  regulators  to  insure  the  primary  public  interest  concern  of 
safety  ^md  soundness  is  achieved.  The  Ad  Hoc  Group  will  continue  to  play  a 
vital  role  in  both  the  utilization  of  high  technology  funds  transfer  products  and 
in  insuring  the  safety  and  soundness  of  those  services  through  the  promotion  of 
fair  regulations. 
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While  the  Ad  Hoc  Group  members  are  the  major  vendors  of  money 
transmission  services  offered  to  the  American  public,  the  industry  is  composed 
of  many  firms,  including  small  single-outlet  money  order  issuers,  currency 
exchanges,  foreign  money  transmitters  and  regional  money  transmitters. 
"Money  transmitter"  is  a  term  that  is  used  to  describe  those  non-bank 
ir\stitutions  that  provide  services  including  sales  of  money  orders,  foreign 
currency-denominated  checks  and  travelers  checks,  domestic  and  foreign  funds 
transfers  by  wire  and  payment  orders,  and  cash  advances.^ 

The  primary  methods  of  delivering  these  services  include  face-to-face 
interactions  betv^een  employees  and  customers;  face-to-face  interactions  between 
independent  third-party  vendors  and  customers;  and  telephonic  and  electronic 
network  transactions.  In  general,  the  primary  divisions  in  the  industry  are 
between  domestic  and  foreign  transmitters,  those  that  serve  consumer  and /or 
commercial  customers,  those  that  specialize  in  a  particular  type  of  payment 
instrument  (e.g.,  money  orders),  and  those  that  concentrate  in  specific  geographic 
or  ethnic  markets. 

Non-bank  money  transmitters  have  established  a  base  of  customers  that 
includes  businesses  and  individuals  that  traditionally  used  banking  institutions 
but  now  prefer  the  convenience,  service  and  attractive  prices  of  non-banks. 
Additionally,  non-bank  money  transmitters  serve  those  customers  who  carmot 
afford  banks.  In  short,  the  range  of  customers  served  by  non-banks  includes:  (1) 
the  "unbanked"  customers  who  can  no  longer  afford  banks  but  who  need 


^      Although  check  cashers  are  sometimes  perceived  as  non-bank  money  transmitters, 
their  role  in  this  regard  usually  is  to  act  as  authorized  third-party  vendors  of  payment 
instruments  or  wire  transfer  services  offered  by  other  non-bank  money  transmitters. 
That  is,  check  cashers  conduct  on  their  own  behalf  the  business  of  check  cashing,  and  in 
some  instances  also  act  as  third-party  vendors  of  services  offered  by  money  trai\smitters. 
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domestic  check  and  wire  payment  order  services;  (2)  traditional  bank  customers 
who  need  emergency  or  low-cost  funds  transfer  services;  (3)  customers  who  need 
to  transfer  money  to  less  developed  nations;  (4)  foreign  visitors  or  domestic 
tourists  who  have  no  local  bank  account;  and  (5)  businesses  that  desire  quality 
financial  services  at  economical  prices. 

Non-bank  money  transmitters  of  whatever  size  have  one  thing  in  common 
—  they  deal  in  financial  transactions.  Therefore,  like  banks,  they  are  concerned 
with  issues  relating  to  money  laundering.  While  there  is  no  evidence  that  there 
is  widespread  fraud,  corruption  or  money  laundering  activity  at  non-bank 
money  transmitters,  the  Ad  Hoc  Group  and  many  other  industry  members  have 
supported  constructive  efforts  on  the  state  and  federal  level  to  deal  with  money 
laundering  concerns  and  have  engaged  in  self-help  policing  efforts  to  ensure 
compliance  with  pertinent  state  and  federal  currency  reporting  and 
recordkeeping  requirements. 

I.  NON-BANK  MONEY  TRANSMITTERS  PROVIDE 

ECONOMICAL  FINANCIAL  SERVICES  TO  BOTH  THE 
UNBANKED  AND  TRADITIONAL  BANK 
CUSTOMERS. 

Non-bank  money  transmitters  serve  a  major  segment  of  the  U.S. 

population  —  low  and  moderate-income  families  —  that  is  effectively  foreclosed 

from  access  to  traditional  depository  institutions.  For  example,  data  released  by 

the  Federal  Reserve  Board  confirms  a  dramatic  increase  in  the  last  decade  in  the 

percentage  of  households  that  maintain  no  deposit  account  of  any  type.^  This 

phenomenon  is  pronounced  among  moderate-  to  low-income  households,  and 


''      Arthur  Kennickell  and  Janice  Shack-Marquez,  Changes  In  Family  Finances  from  1983 
to  1989:  Evidence  from  the  Survey  of  Consumer  Finances.  Federal  Reserve  Bulletin, 
January  1992. 
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among  the  youngest  and  least  educated  segments  of  the  population.  In  fact,  for 
those  Americans  making  less  than  $12,000  annually,  more  than  40%  have  no 
bank  account.^ 

In  addition,  particularly  in  the  wake  of  the  recent  wave  of  bank  failures, 
mergers,  and  consolidations,  banks  in  major  cities  throughout  the  United  States 
are  more  likely  to  be  situated  in  high-income,  low-minority  neighborhoods* 
Following  deregulation  of  the  banking  industry  in  the  1980s,  there  was  a  mass 
exodus  of  banks  from  the  iimer  cities  and,  concomitantly,  banks  began  charging 
fees  for  consumer  services  that  were  once  offered  for  little  or  no  cost7   Since  1990 
alone,  fees  charged  by  banks  for  checking  accounts  and  other  retail  banking 
services  have  risen  substantially.*  The  Federal  Reserve  Board,  in  an  annual 
report  to  Congress,  recently  affirmed  that  "[a]  trend  in  the  direction  of  higher 
fees  is  readily  apparent"  among  banks.' 

As  a  result  of  these  factors  -  fewer  banks  and  higher  retail  costs  for  basic 
bank  services  ~  many  Americans  have  become  "unbanked"  in  that  they  maintain 
no  depository  account  or  a  minimal  presence  such  as  a  savings  account.  By  one 
estimate,  there  are  now  at  least  "15  million  households  without  traditional 


5  John  P.  Caskey,  Banks.  Check-Cashing  Outlets.  Pawnshops  and  the  Poor. 
monograph,  July  1993,  at  Table  4.1. 

6  M.  at  Table  4.3 

7  Neal  St.  Anthony,  Check  Cashers  Want  A  Little  Credit.  Minneapolis  Star  Tribune, 
September  13, 1993,  at  ID. 

8  One  account  reports  that  bank  fees  have  risen  18%.  Sgg  Kenneth  H.  Bacon,  Banks' 
Services  Grow  Costlier  For  Consumers.  Wall  St.  J.,  November  18, 1993. 

'      Board  of  Governors  of  the  Federal  Reserve  System,  Annual  Report  to  Congress  on 
Retail  Fees  and  Services  of  Depository  Institutions.  June  1992,  at  1;  see  aisa  Board  of 
Governors  of  the  Federal  Reserve  System,  Annual  Report  to  Congress  on  Retail  Fees  and 
Services  of  Depository  Institutions.  June  1991,  at  1  (finding  that  "(mjore  readily  apparent 
is  an  overall  trend  toward  higher  fees  for  retail  banking  services")- 
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banking  relationships,  [comprised]  chiefly  [of]  the  poor,  immigrants,  and  others 
who,  for  such  reasons  as  income  and  culture,  have  shunned,  or  been  shunned  by, 
banks. "^o  Those  15  million  or  more  families  need  the  ability  to  obtain  negotiable 
instruments  to  pay  bills,  to  transmit  funds  to  relatives,  and  to  conduct  routine 
day-to-day  financial  transactions.  With  little  or  no  access  to  banks,  these 
individuals  have  turned  to  the  economical  services  offered  by  non-bank  money 
transmitters. 

A  vast  network  of  local  neighborhood  businesses  such  as  convenience 
stores,  supermarkets,  pharmacies,  travel  agents,  gas  stations  and  other  retail 
outlets  sell  money  orders  and  other  financial  services  as  third-party  vendors  for 
non-bank  money  transmitters.  This  network  affords  customers  convenient 
locations,  access  and  expanded  hours  of  service.  For  example.  Travelers  Express 
Company,  Inc.,  the  nation's  largest  issuer  of  money  orders,  has  over  40,000 
locations  nationwide;"  Western  Uruon  operates  through  a  network  of 
approximately  18,000  money  transmission  agents  nationwide;' ^  and  American 
Express®  Money  Orders  are  sold  at  approximately  55,000  locations  in  the  United 
States,  while  MoneyGram^M  from  American  Express  is  offered  at  approximately 
11,000  domestic  locations.'^ 


'°    Suzanne  Woolley,  Western  Union  Banks  on  the  'Unbanked'.  Bus.  Wk.,  No.  3313, 
April  5, 1993,  at  70. 

'1     Statement  of  Janice  Mileo,  Vice  President  and  Corporate  Counsel,  Travelers  Express 
Company,  Inc.,  on  H.R.  3235,  the  Antimoney  Laundering  Act  of  1993,  before  the 
Subcommittee  on  Financial  Institutions  Supervision,  Regulation  and  Deposit  Insurance, 
October  20, 1993,  at  1. 

'2    Western  Union  Financial  Services,  Inc.,  February  1994. 

'^     Integrated  Payment  Systems  Inc.,  February  1994. 
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Additionally,  certain  non-bank  money  transmitters  and  their  third-party 
vendors  offer  unique,  individualized  services  such  as  providing  staff  conversant 
in  foreign  languages  or  the  ability  to  transmit  funds  to  inaccessible  foreign 
locations  that  banks  typically  do  not  serve.  Non-bank  money  transmitters  offer 
flexibility  by  allowing  customers  to  purchase  only  the  minimum  financial  service 
required  w^ithout  requiring  the  purchase  of  services  in  any  particular 
combination  or  dollar  amount,  and  without  requiring  that  customers  have  a 
depository  or  other  continuing  historical  relationship  with  the  nonbank  money 
transmitter  beyond  the  immediate  transaction  at  hand.  In  contrast,  some  banks 
will  not  sell  a  money  order  or  negotiable  instrument  unless  the  customer  has  an 
account  with  the  bank.  Consequently,  many  bank  customers  use  non-bank 
money  transmitters  for  particular  types  of  basic  services.  For  example,  for  a 
family  that  needs  a  few  checks  each  month  to  pay  obligations  such  as  rent, 
telephone  bills,  utilities  and  car  payments,  it  is  far  more  economical  to  purchase 
money  orders  than  to  maintain  a  checking  account. 

In  short,  many  Americans  are  turning  to  the  financial  services  offered  by 
non-bank  money  transmitters.  For  example,  money  order  sales,  a  bellwether  of 
industry  activity,  are  reported  to  be  on  the  upswing  despite  increased  usage  of 
automatic  teller  machines,  credit  cards  and  debit  cards.^'* 

Non-bank  money  transmitters  are  growing  in  no  small  measure  because 
of  the  wide  disparity  in  fees  charged  for  similar  services  by  non-banks  versus 
depository  institutions.  For  example,  in  Washington,  D.C.,  money  orders  cost  $5 
at  some  NationsBank  branches,  while  at  Western  Union  a  money  order  may  be 


The  NiJson  Report,  Issue  525,  June  1992,  at  9. 


-6- 


303 


purchased  for  75  cents. '^   Similarly,  wire  transfers  of  nnodest  amounts  of  funds  - 
under  $100,  for  example  --  cost  only  $15  at  Western  Union  but  can  cost  $25  at 
Washington,  D.C.  banks.  Likewise,  obtairung  a  check  in  foreign  currency  costs 
$20  to  $35  at  commercial  banks  such  as  Bank  of  America,  but  only  $7  at  Thomas 
Cook;  and  cashing  foreign-currency  checks  costs  $15  at  some  banks  in 
Washington,  D.C,  but  only  $3  at  Thomas  Cook,  Inc.*^ 

These  significant  differences  in  the  cost  of  services  occur  because  non- 
bank  money  transmitters  are  expertly  servicing  a  niche  market  and  have  certain 
economies  of  scale  that  banks  do  not  have.  In  addition,  in  metropolitan  areas 
where  the  demand  for  non-bank  financial  services  is  the  greatest,  retail  price 
competition  among  non-bank  money  transmitters  keeps  prices  for  these  services 
at  market  levels.  Price  competition  in  the  non-bank  money  transmitter  industry 
is  so  intense  that  authorized  vendors  sometimes  shift  between  transmitters  to 
obtain  better  prices  ~  sometimes  as  little  as  a  few  pennies  —  to  be  more 
competitive  in  the  retail  markets  they  serve. 

Because  profit  margins  are  slim,  and  because  the  dollar  amount  of 
individual  transactions  is  small  (typically,  for  example,  money  orders  are  not 
sold  in  denominations  exceeding  three  hundred  dollars'^),  banks  are  simply  not 
competing  for  this  type  of  retail,  mass  market  business.  Not  surprisingly,  at  least 
one  major  bank  recently  admitted  that  "we  decided  years  ago  that  we're  not  in 


^5     Kenneth  H.  Bacon,  Banks'  Services  Grow  Costlier  For  Consumers.  Wall  St.  J., 
November  18, 1993. 

16     Id. 

'''  Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992,  at  3. 
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the  money-order  business,"  and  that  providing  money  orders  is  not  part  of  its 
"core  business. "18  Thus,  banks  do  not  engage  in  price  competition  with  non- 
banks  in  providing  these  financial  services  and,  in  the  economic  environment  of 
the  1990s,  are  not  interested  in  providing  services  that  do  not  return  a  significant 
profit. 

Nonbank  money  transmitters  also  provide  immigrants  with  essential 
foreign  funds  transfer  services  which  often  are  the  only  practical  means  of 
transferring  funds  to  family  members  in  their  native  countries.  As  a  result  of  the 
recent  waves  of  immigration  from  the  Caribbean,  Southeast  Asia,  South  and 
Central  America,  and  Eastern  Europe,  the  specialized  foreign  funds  transfer 
services  provided  by  non-banks  are  in  great  demand,  particularly  in  those 
geographic  areas  where  such  immigrants  reside.  Because  of  their  presence  in 
ethnic  neighborhoods,  non-bank  money  transmitters  offer  more  convenient 
access  than  banks.  Non-bank  money  trarismitters  also  perform  international 
funds  transfers  without  the  delays  and  high  fees  commonly  associated  with  bank 
transfers.'^  Unlike  international  transfers  between  banks  ~  which,  because  of  the 
clearance  process,  may  take  4  to  6  working  days^o  —  transfers  through  a  non-bank 
money  transmitter  network  are  accomplished  almost  instantaneously. 

Facilitation  of  the  transmission  of  funds  by  immigrants  to  their  native 
lands  also  meets  an  important  U.S.  foreign  policy  goal.  The  economies  of 


^*    Kenneth  H.  Bacon,  Banks'  Services  Grow  Costlier  For  Consumers.  Wall  St.  ]., 

November  18, 1993. 

1^    Wilbert  O.  Bascom,  Remittance  Inflows  and  Economic  Development  in  Selected 
Anglophone  Caribbean  Countries.  Commission  for  the  Study  of  International  Migration 
and  Cooperative  Economic  Development,  No.  58,  July  1990,  at  20. 

^^     European  Payment  Systems  —  Tangled  Transfers.  The  Economist,  November  7,  1992, 
at  102. 
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developing  nations  are  to  a  large  extent  dependent  upon  funds  transferred  into 
the  country  by  citizens  working  abroad.  In  small,  developing  countries  such  as 
the  Dominican  Republic,  for  example,  remittances  of  funds  sent  home  by 
immigrants  working  in  the  United  States  can  constitute  the  principal  source  of 
hard  currency  and,  in  some  cases,  may  exceed  local  cash  income  from  all 
sources.21  Thus,  non-bank  money  transmitters,  which  can  facilitate  transfers  of 
funds  out  of  the  country,  in  many  cases  foster  developing  economies.22 

In  addition  to  providing  services  to  the  unbanked,  non-bank  money 
transmitters  provide  services  to  traditional  bank  customers  who  need  to  transfer 
funds  abroad  or  need  quick  access  to  emergency  funds.  Non-bank  money 
transmitters  also  serve  tourists,  both  foreign  and  domestic,  who  need  on-the-spot 
cash  and  the  ability  to  engage  in  financial  transactions  when  travelling  in  areas 
not  served  by  their  banks. 

Finally,  in  transactions  such  as  currency  exchange,  funds  transfer  and 
provision  of  foreign  currency  checks,  the  non-bank  money  transmitter  industry 
competes  directly  with  banks  in  providing  such  services  to  businesses 
throughout  the  United  States.  In  other  cases,  non-bank  money  transmitters 
provide  unique  funds  transmission  services  for  particular  kinds  of  businesses. 
For  example,  Comdata  Network,  Inc.  provides  funds  transfer  services  to  the 
trucking  industry  utilizing  truck  stops  throughout  the  United  States  as 
authorized  third-party  vendors. 


2^    Wilbert  O.  Bascom,  Remittance  Inflows  and  Economic  Development  in  Selected 
Anglophone  Caribbean  Countries.  Commission  for  the  Study  of  International  Migration 
and  Cooperative  Economic  Development,  No.  58,  July  1990,  at  12-14. 

22    Id- at  15. 
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In  sum,  non-bank  money  transmitters  are  multifaceted  businesses  that 
serve  many  public  needs  in  an  effective,  cost-competitive  and  efficient  manner. 
Non-bank  money  transmitters  constitute  a  vital  alternative  to  banks  by  serving  a 
growing  number  of  Americans  v^ho  need  low-cost  financial  services  and  cost 
conscious  businesses  that  seek  quality  service  at  economical  prices. 

II.        NON-BANK  MONEY  TRANSMITTERS  SHOULD  NOT  BE 
SINGLED  OUT  IN  THE  EFFORT  TO  COMBAT  MONEY 
LAUNDERING. 

There  is  no  evidence  that  money  laundering  of  drug  profits  is  occurring  in 
non-banks  at  a  rate  equal  to  or  greater  than  in  banks.^^    Recently,  after  months  of 
hearings  which  included  testimony  from  federal,  state  and  local  law  enforcement 
officials,  a  state  of  Florida  law  revision  task  force  reached  the  conclusion  that  no 
evidence  of  widespread  money  laundering  abuses  existed  within  the  non-bank 
money  transmitter  industry .^^    In  short,  stripped  of  exaggerated  and 
unsubstantiated  anecdotes,  there  is  simply  no  evidence  to  support  the  conclusion 
that  non-bank  money  transmitters  are  a  significant  part  of  the  problem  of  money 
laundering. 

Tliis  lack  of  evidence  is  in  part  due  to  the  fact  that  non-bank  money 
transmitters  actively  combat  abuses  of  the  system  and  in  part  because  non-bank 
financial  transactions  are  not  an  efficient  means  of  laundering  large  sums  of 
currency.  For  example,  with  respect  to  funds  transfers,  the  average  domestic 


^     For  example,  "[a]lthough  the  potential  for  abuse  has  been  obvious,  the  Florida 
Department  of  Banking  has  obtained  no  evidence  of  widespread  fraud  among  money 
transmitting  firms."  Wilbert  O.  Bascom,  Remittance  Lnfloufs  and  Economic  Development 
in  Selected  Anglophone  Caribbean  Countries.  Commission  for  the  Study  of  International 
Migration  and  Cooperative  Economic  Development,  No.  58,  July  1990,  at  20-21. 

'^^     This  conclusion  was  announced  at  the  task  force's  January  7, 1994  meeting. 
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funds  transfer  through  MoneyGram  from  American  Express  is  between  $250  and 
$350,  while  international  transfers  through  the  MoneyGram  system  average 
between  $450  and  $500.^5   Similarly,  less  than  2%  of  trarisfers  through 
MoneyGram  exceeds  $3,000.2^   Transactions  in  these  amounts  simply  are  not  an 
effective  method  of  large-scale  money  laundering  particularly  when,  in  addition 
to  the  fee,  a  record  of  the  transaction  is  created.  With  respect  to  money  orders, 
the  average  dollar  amount  of  a  Travelers  Express  money  order  is  approximately 
$100.2''  Travelers  Express  money  orders  are  also  generally  subject  to  a  $300  limit 
when  sold  by  retail  institutions  and  to  a  $1,000  limit  when  sold  by  financial 
institutions.^*  Logic  suggests  that,  as  a  practical  matter,  it  makes  little  sense  for  a 
launderer  to  pay  for  multiple,  small-denomination  money  orders  to  launder 
large  sums.  In  short,  while  there  have  been  isolated  instances  in  which 
individuals  have  utilized  non-banks  to  launder  funds,  the  costs  and  limitations 
inherent  in  the  products  and  services  offered  by  nonbank  money  transmitters 
provide  a  disincentive  for  their  widespread  use  for  money  laundering  purposes. 
It  is  much  easier  for  a  money  launderer  faced  with  the  task  of  moving  large  sums 
out  of  the  country  to  export  the  cash  by  plane. 


25  Letter  dated  October  4, 1993  from  Charles  W.  Brooks,  Presiderit,  Integrated  Payment 
Systems  Inc.,  to  Peter  Djinis,  Director,  Office  of  Financial  Enforcement,  Department  of  the 
Treasury,  at  10. 

26  M. 

27  Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27,  1992,  at  2. 

28  Id. 
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This  conclusion  --  that  non-bank  money  transmitters  on  the  whole  are 
least  likely  to  be  utilized  for  money  laundering  purposes  ~  is  supported  by  an 
analysis  of  developments  in  the  war  on  money  laundering. 

First,  there  is  increasing  evidence  that  wholesale  money  laundering  is 
accomplished  through  the  simple  expedient  of  physically  shipping  large 
amounts  of  U.S.  currency  abroad  to  countries  like  Colombia,  Panama  or  to  the 
Cayman  Islands  where  bank  secrecy  laws  prevail.  Such  transfers,  if  successful, 
involve  no  written  records  —  nothing  exists  to  trace  the  transfer  of  the  funds. 
Recent  reports  compiled  by  FinCEN^'  reveal  that  Colombia,  for  example,  a 
country  that  does  not  attract  a  large  amount  of  U.S.  tourist  dollars,  has  a 
significant,  unexplained  surplus  of  U.S.  currency.  According  to  U.S.  Government 
officials,  the  Colombian  drug  cartels  "repatriated  [to  the  U.S.]  anywhere  from  $4 
to  $10  billion  in  1992"  of  unreported  U.S.  currency .3°  It  is  widely  acknowledged 
that  large  scale  smuggling  of  hard  currency  out  of  the  United  States  continues  to 
go  undetected.3^ 

Second,  a  review  of  recent  money  laundering  cases  demonstrates  that  to 
launder  large  sums,  access  to  a  depository  institution  is  desirable.  While  the 
domestic  banks  attempt  to  prevent  money  laundering,  the  existence  of  only  one 
corrupt  employee  in  a  bank  can  be  sufficient  to  provide  access  to  legitimate 
money  transfer  systems.  For  example,  in  January  of  this  year  a  Luxembourg 


29  "FinCEN"  refers  to  the  Financial  Crimes  Enforcement  Network. 

30  FinCEN  Trends,  Fall  1993. 

31  See,  e.g..  Berkeley  Rice,  The  Cocaine  Express.  N.Y.  Times,  March  27, 1988,  Section  6, 
Part  2,  at  20  (Business  World  Magazine)  (noting  that,  "lf]or  the  Medellin  Cartel,  getting 
their  drug  earnings  out  of  the  United  States  has  in  some  respects  been  more  difficult  than 
getting  the  cocaine  in,"  and  noting  the  establishment  of  a  "going  rate  for  flying  drug 
money  out  of  the  country"). 
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bank  pled  guilty  to  laundering  millions  of  dollars  through  its  U.S.  correspondent 
bank.  Bank  of  America,  in  the  form  of  bundles  of  cashier's  checks  all  of  which 
were  drawn  on  U.S.  banks,  and  many  of  which  were  drawn  on  different  branches 
of  the  same  U.S.  bank.32  In  1990,  U.S.  authorities  seized  more  than  $12  million 
from  an  international  drug  cartel  that  was  attempting  to  transfer  the  funds  from 
Luxembourg  banks  to  Colombian  banks  through  various  "intermediary  banks" 
in  New  York.^^ 

The  non-bank  money  transmitter  industry  is  simply  too  small,  relative  to 
banks,  to  handle  the  vast  amounts  of  currency  currently  being  laundered.  The 
amount  of  funds  transferred  by  non-banks  on  a  daily  basis,  for  example,  is 
minuscule  compared  to  the  total  volume  of  financial  transfers  accomplished  in 
the  United  States  by  banks.  Fedwire,  one  of  the  primary  electronic  funds  transfer 
systems  utilized  by  banks,  transfers  on  the  average  of  $800  billion  a  day.^  The 
Federal  Reserve  Board  reports  that  Fedwire  conducted  more  than  64  million 
transactions  involving  more  than  $192  trillion  in  1991,  and  more  than  67  million 
transactions  involving  more  than  $199  trillion  in  1992.^5  When  combined  with 
figures  for  international  wire  transfers,^*  this  amounts  to  nearly  $450  trillion  a 


■^2    Luxembourg  Bank  Launders  Overseas.  Pleads  Guilty  In  U.S..  Money  Laundering 
Alert,  vol.  5,  no.  4,  January  1994,  at  1. 

■'•'    U.S.  Wins  Major  Victory  On  Wire  Seizures.  Money  Laundering  Alert,  vol.  5,  no.  2, 
November  1993,  at  2. 

34     Bank  Secrecy  Act  Regulations,  58  Fed.  Reg.  46,014, 46,015  (Aug.  31, 1993)  (proposed 
amendments). 

^    See  79th  Annual  Report  of  the  Board  of  Governors  of  the  Federal  Reserve  System 
(1993)  at  242-43  &  Table  9;  78th  Annual  Report  of  the  Board  of  Governors  of  the  Federal 
Reser\'e  System  (1993)  at  228-29  &  Table  9. 

^    According  to  unpublished  figures  quoted  by  Clearing  House  Interbank  Payments 
System,  a  private  New  York  firm  that  hemdles  more  than  90%  of  the  total  transfers  to  or 
from  abroad,  it  processed  approximately  39  million  transactions  involving  more  than 
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year  that  is  transferred  by  wire  through  banks.  By  contrast,  two  of  the  largest 
U.S.  non-bank  "funds  by  wire"  transmitters  move  less  than  $5  billion  per  year  in 
the  aggregate.  This  is  less  than  6  tenths  of  one  percent  of  what  depository 
institutions  wire  transfer  in  a  single  day! 

Given  this  gross  disparity,  illicit  transactions  are  much  more  likely  to 
occur  within  the  banking  world,  and  to  occur  in  far  greater  dollar  amounts,  than 
in  non-banks.  In  light  of  this  overwhelming  disparity,  it  is  illogical  to  focus  on 
non-banks  as  a  target  for  remedial  measures  to  combat  money  laundering, 
particularly  when  there  is  no  evidence  of  widespread  abuse  in  the  industry. 

III.       NON-BANK  MONEY  TRANSMITTERS  EMPLOY 
SAFEGUARDS  AGAINST  MONEY 
LAUNDERING. 

The  Ad  Hoc  Group  supports  a  vigorous  and  realistic  anti-money 

laundering  policy  and  advocates  scrupulous  compliance  with  all  state  and 

federal  money  laundering  laws  and  regulations.  Industry  members  promote  this 

important  public  policy  by  encouraging  compliance  with  all  federal  and  state 

money  laundering  laws  and  regulations,  by  preparing  and  distributing  training 

and  educational  materials  designed  to  educate  authorized  third-party  vendors 

and  industry  personnel  about  compliance  procedures,  and  by  notifying  law 

enforcement  authorities  of  suspicious  transactions  and  cooperating  with  them  in 

investigating  suspected  money  laundering  activities.^^ 


$238  trillion  in  1992,  and  more  than  42  million  transactions  involving  more  than  $265 
trillion  in  1993. 

3^     In  1990,  for  example,  the  IRS  thanked  Travelers  Express  Company  for  its  cooperation 
in  identifying  a  Medellin  drug  cartel  and  stated  that  Travelers  is  an  "excellent  example!] 
of  the  community  involvement  needed  to  assist  our  law  enforcement  agencies  in  fighting 
the  war  against  drugs."  Letter  from  Imar  Morics,  Assistant  Commissioner  (Criminal 
Investigation)  to  James  K.  Bill,  Travelers  Express  Company,  included  as  attachment  to  the 
Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
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The  money  transmitter  industry  employs,  as  a  front-line  defense  against 
money  laundering  activities,  careful  screening  and  background  checks  of  all 
third-party  vendors.  An  authorized  vendor  applicant  is  generally  required  to 
provide  detailed  information  such  as  its  business  structure,  banking  and  credit 
references  and  financial  statements.^   Third-party  source  verification,  to  the 
extent  it  is  commercially  available,  is  also  used  as  a  screening  technique.^^ 
However,  because  money  transmitters  are  not  lavy  enforcement  agencies,  they 
have  no  access  to  government  data  banks  and  therefore  cannot  obtain  criminal 
background  checks  on  prospective  third-party  vendors.  Moreover,  no  state  or 
federal  program  exists  to  receive  information  on  prospective  third-party  vendors 
from  non-bank  money  transmitters.  The  Ad  Hoc  Group  has  advocated  the 
development  of  a  governmental  clearinghouse  for  such  information  so  that 
responsible  operators  can  screen  proposed  authorized  vendors  in  advance. 

Industry  members  further  attempt  to  ensure  that  their  authorized  third- 
party  vendors  fully  comply  v^ith  all  state  and  federal  regulations  by  providing 
them  v^ith  plain-language  anti-money  laundering  compliance  information.  For 
example,  many  industry  members  have  provided  authorized  vendors  with 
manuals  containing  guidance  on  reporting  suspicious  transactions,''^  and 
complying  with  federal  currency  transaction  report  ("CTR")  and  recordkeeping 


Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992. 

^  Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992,  at  2. 

39     Id. 

*"    See,  e.g..  U.S.  Anh-Money  Laundering  Manual,  Thomas  Cook,  1992. 


-15- 


312 


requirements  and  other  anti-money  laundering  requirements.'*'  In  some  cases, 
non-bank  money  transmitters  have  developed  materials  and  educational 
information  to  distribute  to  third-party  vendors  in  conjunction  v^ith  federal 
agencies  such  as  the  Treasury  Department  and  the  Internal  Revenue  Service.''^ 
Moreover,  to  the  extent  practicable,  industry  members  actively  monitor 
their  authorized  third-party  vendors  for  compliance  with  Treasury's  Title  31 
regulations.  Western  Union,  for  example,  reviews  its  manual  and  compliance 
program  with  each  of  its  authorized  vendors  at  least  once  a  year.''^  Both  Western 
Union  and  Travelers  Express  publish  periodic  newsletters  advising  authorized 
vendors  of  developments  relating  to  the  currency  reporting  requirements.'" 
Thomas  Cook  utilizes  intensive  employee  anti-money  laundering  educational 
programs.  In  addition,  non-bank  money  trar\smitters  take  all  practical  steps  to 
monitor  their  authorized  vendors'  transactions  by  using  internal  review  systems 


*'     See,  e.g..  Bank  Secrecy  Act  Compliance  Manual,  Western  Union,  undated;  American 
Express®  Money  Order  Bank  Secrecy  Act  Discussion,  Revised,  May  1993;  and  American 
Express®  Money  Order  Bank  Secrecy  Act  and  Money  Laundering  Update,  May  1993; 
American  Express  MoneyGram^^  Bank  Secrecy  Act  Discussion,  Revised,  May  1993;  and 
American  Express  MoneyGram^'^Bank  Secrecy  Act  and  Money  Laundering  Update, 
May  1993. 

'*2    Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992,  at  4;  Statement  of  Western  Uruon  Financial  Services  Inc.  for  the  United 
States  Senate  Committee  on  Governmental  Affairs,  Permanent  Subcoirmiittee  on 
Investigations,  at  4. 

*^    Statement  of  Western  Union  Financial  Services  Inc.  for  the  United  States  Senate 
Conmiittee  on  Governmental  Affairs,  Permanent  Subcommittee  on  Investigations,  at  4. 

**    Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992,  at  4;  Statement  of  Western  Union  Financial  Services  Inc.  for  the  United 
States  Senate  Committee  on  Governmental  Affairs,  Permanent  Subcommittee  on 
Investigations,  at  4. 
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to  identify  suspicious  transactions. •'^  When  they  learn  of  noncompliance,  money 
transmitters  take  appropriate  steps  to  address  the  problem,  which  may  include 
educating  the  third-party  vendor  or,  in  extreme  cases,  reporting  the  vendor  to  the 
appropriate  federal  and  state  agencies  and  terminating  the  agency  relationship. 

In  short,  there  is  simply  no  credible  evidence  of  widespread  corruption  of 
non-bank  money  transmitters,  or  the  widespread  use  of  their  services  by  money 
launderers  as  a  conduit  for  illicit  funds.  The  legitimate  money  transmitters  have 
implemented  internal  policies  designed  to  combat  fraud,  money  laundering  and 
other  potential  abuses  of  the  industry. 

IV.       NON-BANK  MONEY  TRANSMITTERS  ARE  HIGHLY 
REGULATED  BY  STATES  AND  THE  FEDERAL 
GOVERNMENT. 

State  Regulation 

Forty  four  states  currently  regulate  and  license  the  business  of  check 
selling  and  funds  transmission  by  wire  principally  to  insure  the  safety  and 
soundness  of  such  institutions.^*  (Fewer  states  regulate  check  cashing  and 
foreign  exchange  of  currency.)  The  Ad  Hoc  Group  and  other  industry  members 
actively  support  state  licensing  efforts  aimed  at  protecting  consumers  against 
financial  risk  or  loss,  and  oppose  the  operation  of  unauthorized  or  unlicer\sed 
money  transmitters. 


*5  Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992,  at  3. 

^    §££  Ezra  C.  Levine,  The  Regulation  of  Check  Sellers  and  Money  Transmitters.  Civil 
Remedies  in  Drug  Enforcement  Report,  National  Association  of  Attorneys  General, 
March/AprU  1993,  at  12. 
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The  Ad  Hoc  Group  advocates  enactment  of  uniform  state  laws  governing 
the  money  transmitter  industry  and  has  been  working  to  achieve  that  objective  in 
concert  with  the  Money  Transmitter  Regulators  Association  ("MTRA"),  the 
national  organization  of  state  regulatory  authorities.  The  MTRA  has  developed  a 
model  legislation  outline  for  the  regulation  of  non-bank  money  transmitters,  and 
a  model  act  based  on  this  outline  has  been  actively  supported  by  the  Ad  Hoc 
Group.  Indiana  recently  adopted  the  Model  Act,  and  Idaho  and  Tennessee  are 
currently  considering  its  adoption. 

Uniformity  of  regulation  is  not  only  cost-effective  for  the  money 
transmitter  industry,  but  also  aids  compliance  and  assists  law  enforcement 
officials  by  identifying  legitimate  industry  members  and  their  authorized 
vendors.  However,  current  state  regulations  "have  such  a  varying  degree  of 
requirements,  that  it  is  a  nightmare  for  the  national  companies  to  keep  up  with 
the  separate  requirements  of  each  state.'"*^ 

Prior  to  entering  the  business,  an  applicant  for  a  license  under  a  typical 
state  licensing  law  must  submit  detailed  information  concerning  its  operations, 
its  management,  pertinent  regulatory  history,  financial  statements,  background 
information  concerning  key  managers,  litigation  history,  identificarion  of  its 
clearing  bank,  locations  where  it  proposes  to  do  business,  a  sample  payment 
instrument,  and  a  sample  third-party  vendor  contract.  Moreover,  to  obtain  a 
license,  an  applicant  must  demonstrate  that  it  will  operate  its  business  in  a  safe 
and  sound  manner.^^  Most  states  also  require  the  money  transmitter  to  post  a 


*^    Statement  for  the  Record  by  the  Money  Transnutter  Regulators  Association,  The 
President's  Commission  On  Model  State  Drug  Laws,  Economic  Remedies  Hearing, 
January  6, 1993,  at  2. 

"•^    See  Ezra  C.  Levine,  The  Regulation  of  Check  Sellers  and  Money  Transmitters.  Civil 
Remedies  in  Drug  Enforcement  Report,  National  Association  of  Attorneys  General, 
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bond  to  protect  the  public  from  insolvency  or  default,  typically  in  the  $10,000  to 
$1  million  range.  In  addition  to  bonding  requirements,  virtually  all  states  require 
money  transmitters  to  meet  specified  net  worth  requirements  ranging  from 
$25,000  to  $5  million. 

Money  transmitters  are  required  periodically  to  file  reports  with  licensing 
officials  concerning  many  facets  of  their  operations  including  their  financial 
condition,  volume  of  business,  lists  of  authorized  vendors,  and  other 
information.  Some  states  require  special  reports  upon  a  change  of  control  of  the 
licensee  or  the  appointment  or  termination  of  an  authorized  vendor. 
Furthermore,  almost  half  of  the  states  have  statutes  that  relate  to  money 
laundering.  The  Ad  Hoc  Group  supports  state  laws  that  mirror  federal  law,  and 
at  least  22  states  have  enacted  specific  anti-money  laundering  statutes  that 
require  transaction-specific  reports  in  accordance  with  Title  31  requirements.*' 
Violation  of  state  money  laundering  statutes  is  usually  a  felony. 

In  addition  to  reporting  requirements,  state  licensees  are  subject  to  a 
variety  of  operating  requirements.  For  example,  there  is  a  growing  trend  at  the 
state  level  to  require  licensees  to  maintain  "permissible"  investments  in  cash, 
certificates  of  deposit,  or  bonds  equal  to  the  amount  of  outstanding  payment 
instruments.^"   Thus,  a  "permissible  investment"  provision  is  in  effect  a  100% 


March/April  1993,  at  12. 

*'    General  Accounting  Office,  Money  Laundering:  State  Efforts  To  Fight  it  Are 
Increasing  But  More  Federal  Help  Is  Needed.  Report  to  the  Permanent  Select  Committee 
on  Investigations,  Committee  on  Governmental  Affairs,  U.S.  Senate,  October  1992,  at  3. 

^  Ezra  C.  Levine,  The  Regulation  of  Check  Sellers  and  Money  Transmitters.  Civil 
Remedies  in  Drug  Enforcement  Report,  National  Association  of  Attorneys  General, 
March/April  1993,  at  12. 
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reserve  requirement.  By  comparison,  banks  in  most  instances  must  maintain 
between  3  and  12%  in  reserves  ^i 

Many  states  conduct  on-site  examinations  of  licensees,  usually  at  the 
licensee's  expense,  to  ensure  that  its  operations  are  being  conducted  in 
accordance  with  state  law.  The  Ad  Hoc  Group,  in  conjunction  with  the  MTRA 
and  state  banking  departments  in  Texas,  North  Carolina,  Michigan  and 
California,  devised  an  examination  sharing  agreement  permitting  these  states  to 
conduct  their  examinations  jointly .52  Such  joint  examinations  mitigate  costs  and 
disruption  for  licensees  and  ease  the  administrative  burden  on  short-staffed  state 
regulators. 

In  the  last  few  years,  certain  states  have  identified  and  have  enacted  laws 
to  address  specific  perceived  abuses.  For  example,  in  response  to  growing 
concerns  that  certain  casas  de  cambio  were  acting  as  conduits  for  illicit  funds, 
Texas  enacted  a  tough  currency  exchange  act  which  it  actively  enforces.  In 
Arizona,  a  money  transmitter  statute  and  money  laundering  law  were  enacted  in 
the  last  few  years  to  deal  with  that  state's  perception  that  its  locahon  on  the 
border  increased  the  possibility  of  money  laundering.  Likewise,  New  York  State, 
in  an  effort  to  police  more  effectively  non-bank  money  transmitters,  has  been 
aggressively  pursuing  unlicensed  operators  and  has  recently  proposed  stringent 
reporting  regulations  that  would  apply  to  financial  institutions. 

The  Ad  Hoc  Group  supports  reasonable  state  licensing,  examination  and 
money  laundering  laws.  Adequate  protection  of  consumers  and  the  public  at 


51     12  C.F.R.  §  204.9  (1992). 


52    ComptroUer's  Office,  State  of  Florida,  State  Regulation  of  the  Money  Transmitter 
Industry.  August  1993,  at  8. 
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large  requires  that  state  licensing  statutes  be  rigorously  enforced  by  the 
appropriate  agencies  and  that  banking  departments  and  other  state  enforcement 
officials  receive  the  funding  necessary  to  carry  out  this  task. 

The  Ad  Hoc  Group  also  believes  that  enactment  of  uniform  state  laws 
based  on  the  MTRA  Model  Legislation  outline  would  significantly  enhance  law 
enforcement  efforts  by  establishing  nationally  known  and  easily  administered 
industry-wide  standards  that  would  reduce  compliance  burdens  for  the  industry 
and  facilitate  multi-state  examination  efforts.  Likewise,  the  Ad  Hoc  Group 
supports  the  enactment  of  state  anti-money  laundering  statutes  that  mirror 
federal  recordkeeping  and  reporting  requirements.  The  inconsistencies  in  federal 
anti-money  laundering  regulations  pose  a  daunting  compliance  burden  for  non- 
bank  money  trar\smitters  which  is  compounded  when  states  do  not  follow 
federal  guidelines  in  enacting  money  laundering  laws.  These  inconsistencies 
impose  a  significant  burden  on  multistate,  regional  and  national  non-bank 
money  transmitters,  who  must  gear  their  nationwide  internal  policies  and 
procedures  to  the  most  stringent  of  the  states'  varying  requirements. 

Federal  Regulations 

The  full  range  of  currency  reporting  and  recordkeeping  requirements 
imposed  under  Title  31  generally  applies  to  nonbank  money  transmitters  since 
most  issuers  and  authorized  third-party  vendors  fall  within  the  Title  31 
definition  of  "financial  institution."  While  certain  low  volume  money  order  and 
travelers  check  vendors  do  not  qualify  as  "financial  institutions"  for  Title  31 
purposes,  these  entities  are  subject  to  Form  8300  and  related  reporting 
requirements  set  forth  in  Title  26.  In  and  of  itself,  this  regulatory  distinction 
between  authorized  vendors  who  are  Title  31  "CTR  filers"  and  those  who  are 
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Title  26  "Form  8300  filers"  poses  a  virtual  compliance  nightmare.  The  distinction 
is  illogical,  counterintuitive  and  difficult  to  explain  to  a  diverse  authorized 
vendor  base.53 

As  financial  institutions,  non-bank  money  transmitters,  generally  are 
subject  to  the  same  basic  reporting  and  recordkeeping  requirements  as  banks. 
However,  Title  31  and  Title  26  reporting  requirements  impose  a  greater  burden 
on  non-bank  money  tranmitters  than  on  banks  because,  viewed  as  a  percentage 
of  sales,  the  costs  of  compliance  with  CTR  filing  and  recordkeeping  requirements 
are  proportionately  greater  for  money  transmitters  than  for  banks.  Moreover, 
unlike  large,  sophisticated  depository  institutions  that  operate  with  employees 
who  handle  financial  transactions  as  their  principal  job,  money  transmitters 
generally  operate  through  a  decentralized  network  of  independently  owned 
small-  to  medium-sized  businesses  (such  as  convenience  stores,  supermarkets, 
pharmacies,  etc.)  that  lack  the  financial  resources,  sophistication  and 
administrative  capabilities  of  a  bank.  Therefore,  even  though  the  average  dollar 
amount  of  a  money  transmitter  transaction  is  likely  to  be  small,  a  vendor's  cost  of 
compliance  with  the  recordkeeping  and  reporting  requirements  is  the  same,  in 
absolute  dollars,  as  a  bank's.  When  those  requirements  are  triggered,  the 
authorized  vendor  is  usually  the  principal  recordkeeper  and  CTR-filer  since  the 
vendor  is  present  at  the  point  of  sale.^^   In  light  of  the  limited  profit  margins 


53  The  Ad  Hoc  Group  advocates  applying  Title  31  reporting  requirements  to  mixed 
services  businesses  regardless  of  their  volume  of  business.  However,  such  businesses 
v^rith  lovir  volume  should  not  be  subject  to  the  full  panoply  of  Title  31  obligations. 

^     Letter  dated  October  4, 1993,  from  Susan  W.  Sweeney,  Seiuor  Vice  President  and 
General  Counsel,  Thomas  Cook,  Inc.,  to  Peter  Djinis,  Esq.,  Director,  Office  of 
Enforcement,  Department  of  the  Treasury,  and  William  W.  Wiles,  Secretary,  Board  of 
Governors,  Federal  Reserve  System,  at  4-5. 


-22- 


319 


available  to  vendors  in  non-bank  money  transmission  transactions,  additional 
regulatory  burdens  likely  will  cause  many  such  businesses  to  cease  offering  these 
services  to  the  public.^^ 

CONCLUSION 

As  indicated  above,  non-bank  money  transmitters  provide  a  wide  variety 
of  cost-effective  financial  services  to  businesses  and  individuals.  The  industry  is 
composed  of  businesses  of  all  sizes,  local,  regional  and  nationwide,  which  cater 
to  general  or  specific  niche  markets.  The  non-bank  money  transmission  industry 
continues  to  thrive  because  it  offers  consumers  a  cost-effective  alternative  source 
of  basic  retail  financial  services  that  banks  are  not  interested  in  providing  at 
competitive  prices.  While  industry-wide  data  is  unavailable,  there  is  no  doubt 
that  the  industry  transmits  a  de  minimis  amount  of  funds  in  comparison  with 
depository  institutions.  Evidence  from  federal  sources  suggests  that  money 
launderers  seeking  to  transmit  large  amounts  of  U.S.  cash  abroad  ship 
undocumented  amounts  of  currency  in  airplanes  to  safe  harbors  like  the  Cayman 
Islands,  or  wire  large  sums  which  are  easily  hidden  in  the  more  than  $800  billion 
of  funds  transfers  consummated  by  banks  each  day.  In  short,  aside  from 
unsubstantiated  anecdotal  tales,  there  has  been  no  evidence  adduced  to  date  by 
federal  or  state  officials  that  the  nation's  money  laundering  problem  is  being 
exacerbated  by  the  widespread  use  of  non-bank  money  transmitters  as  the 


55    Statement  for  the  Record  by  Travelers  Express  Company,  Inc.,  for  the  Permanent 
Subcommittee  on  Investigations'  hearing  on  "Current  Trends  in  Money  Laundering," 
February  27, 1992,  at  3-4;  Letter  dated  October  4, 1993,  from  Susan  W.  Sweeney,  Senior 
Vice  President  and  General  Counsel,  Thomas  Cook,  Inc.,  to  Peter  Djinis,  Esq.,  Director, 
Office  of  Enforcement,  Department  of  the  Treasury,  and  William  W.  WOes,  Secretary, 
Board  of  Governors,  Federal  Reserve  System,  at  1-2;  see  also  Letter  dated  November  1, 
1993  from  Ezra  C.  Levine,  Howrey  &  Simon,  to  The  Honorable  Henry  B.  Gonzalez, 
Chairman,  House  Committee  on  Banking,  Finance  and  Urban  Affairs,  at  8. 
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conduit  for  illicit  funds.  As  in  any  industry,  miscreants  probably  exist,  but  the 
vast  majority  of  non-bank  money  transmitters,  of  whatever  size,  are  law-abiding 
citizens. 

It  must  be  remembered  that,  unlike  banks,  most  non-bank  money 
transmitters  operate  with  a  network  of  independently  owned,  authorized  third- 
party  vendors  which  are  often  small  businesses.  These  vendors  usually  perform 
money  transmission  services  as  an  incidental  and  sporadic  part  of  their  business, 
as  a  convenience  to  customers.  Therefore,  the  goal  of  simplification  and 
uniformity  of  state  and  federal  reporting  and  recordkeeping  requirements  has 
been  pursued  by  the  Ad  Hoc  Group  because  it  will  ease  the  task  of  achieving 
compliance  at  the  vendor  level  where  the  majority  of  face-to-face  transactions 
take  place.  In  addition.  Ad  Hoc  Group  members  have  sought  without  success 
from  the  federal  government  educational  materials  in  the  form  of  plain  text 
guidance  that  can  be  circulated  to  front-line  employees  who  must  make  daily 
decisions  about  currency  filings,  recordkeeping,  suspicious  transactions, 
emergency  situations,  etc.  In  short,  imposition  of  reporting  and  recordkeeping 
requirements  designed  around  the  depository  institution  model  fails  to  reflect 
the  reality  of  how  transactions  are  consummated  in  the  real  world  of  non-bank 
money  transmission. 

In  conclusion,  it  is  all  too  easy  to  embrace  the  simplistic  theme  that  non- 
banks  are  a  significant  problem  in  the  money  laundering  context,  and  that 
increased  regulation  of  such  activities  is  warranted.  It  is  clear  that  increased 
regulation  of  the  non-bank  money  transmitter  industry  carmot  possibly  be  a 
panacea  for  the  nation's  drug-related  money  laundering  ills.  Even  if  all  non-bank 
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money  transmitters  were  abolished,  it  would  have  no  measurable  effect  on  the 
money  laundering  problem. 

What  is  needed  is  increased  enforcement  activity  against  the  unlicensed 
and  illegitimate  operators  coupled  with  reasonable  regulations  that  are  fine- 
tuned  to  reflect  the  realities  of  how  non-banks  operate  rather  than  blanket 
imposition  of  rules  designed  for  depository  institutions.  A  regulatory  scheme 
more  attuned  to  the  real-life  world  of  non-bank  money  trarismission  activities 
would  be  less  costly  for  the  industry,  would  achieve  higher  compliance  rates, 
and  therefore  would  serve  the  public  interest.  The  Ad  Hoc  Group,  which  has 
been  in  the  forefront  of  the  non-bank  money  transmitter  industry,  will  continue 
its  efforts  to  work  hand  in  hand  with  state  and  federal  officials  to  address  safety 
and  soundness  and  law  enforcement  issues  in  a  responsible  manner. 
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Introduction 

With  the  onset  of  the  Information  Age,  our  nation  is  becoming  increasingly  depen- 
dent upon  network  communications.  Computer-based  technology  is  significajitly  impacting 
our  ability  to  access,  store,  and  distribute  information.  Among  the  most  important  uses 
of  this  technology  is  electronic  commerce:  performing  financial  transactions  via  electronic 
information  exchanged  over  telecommunications  lines.  A  key  requirement  for  electronic 
commerce  is  the  development  of  secure  and  efficient  electronic  payment  systems.  The 
need  for  security  is  highlighted  by  the  rise  of  the  Internet,  which  promises  to  be  a  leading 
medium  for  future  electronic  commerce. 

Electronic  payment  systems  come  in  many  forms  including  digital  checks,  debit 
cards,  credit  cards,  and  stored  value  cards.  The  usual  security  features  for  such  systems 
are  privacy  (protection  from  eavesdropping),  authenticity  (provides  user  identification  and 
message  integrity),  and  nonrepudiation  (prevention  of  later  denying  having  performed  a 
transaction). 

The  type  of  electronic  payment  system  focused  on  in  this  paper  is  electronic  cash. 
As  the  name  implies,  electronic  cash  is  an  attempt  to  construct  an  electronic  payment 
system  modelled  after  our  paper  cash  system.  Paper  cash  has  such  features  as  being: 
portable  (easily  carried),  recognizeable  (as  legal  tender)  hence  readily  acceptable,  trans- 
ferable (without  involvement  of  the  financial  network),  imtraceable  (no  record  of  where 
money  is  spent),  anonymous  (no  record  of  who  spent  the  money)  and  has  the  ability  to 
make  "change."  The  designers  of  electronic  cash  focused  on  preserving  the  features  of  un- 
traceability  and  anonymity.  Thus,  electronic  cash  is  defined  to  be  an  electronic  payment 
system  that  provides,  in  addition  to  the  above  security  features,  the  properties  of  user 
anonymity  and  payment  untraceability. 

In  general,  electronic  cash  schemes  achieve  these  security  goals  via  digital  signatures. 
They  can  be  considered  the  digital  analog  to  a  handwritten  signature.  Digital  signatures 
are  based  on  public  key  cryptography.  In  such  a  cryptosystem,  each  user  has  a  secret 
key  and  a  public  key.  The  secret  key  is  used  to  create  a  digital  signature  and  the  public 
key  is  needed  to  verify  the  digital  signature.  To  tell  who  has  signed  the  information  (also 
called  the  message),  one  must  be  certain  one  knows  who  owns  a  given  pubhc  key.  This 
is  the  problem  of  key  management,  and  its  solution  requires  some  kind  of  authentication 
infrastructure.  In  addition,  the  system  must  have  adequate  network  and  physical  security 
to  safeguard  the  secrecy  of  the  secret  keys. 

This  report  has  surveyed  the  academic  literature  for  cryptographic  techniques  for 
implementing  secure  electronic  cash  systems.  Several  innovative  payment  schemes  provid- 
ing user  anonymity  and  payment  untraceability  have  been  found.  Although  no  paxticulcir 
payment  system  has  been  thoroughly  analyzed,  the  cryptography  itself  appears  to  be  sound 
and  to  deliver  the  promised  anonymity. 

These  schemes  are  fcir  less  satisfactory,  however,  from  a  law  enforcement  point  of 
view.  In  particular,  the  dangers  of  money  laundering  and  counterfeiting  are  potentially  far 
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more  serious  them  with  paper  cash.  These  problems  exist  in  any  electronic  payment  system, 
but  they  axe  made  much  worse  by  the  presence  of  anonymity.  Indeed,  the  widespread 
use  of  electronic  cash  would  increase  the  vulnerabiUty  of  the  national  financieJ  system  to 
Information  Waxfeire  attacks.  We  discuss  me2isures  to  manage  these  risks;  these  steps, 
however,  would  have  the  effect  of  compromising  the  anonymity  to  some  extent. 

This  report  is  organized  in  the  following  manner.  Chapter  1  defines  the  bctsic  con- 
cepts surrounding  electronic  payment  systems  and  electronic  cash.  Chapter  2  provides  the 
reader  with  a  high  level  cryptographic  description  of  electronic  cash  protocols  in  terms  of 
beisic  authentication  mechanisms.  Chapter  3  techrjcally  describes  specific  implementations 
that  have  been  proposed  in  the  academic  literature.  In  Chapter  4,  the  optional  features  of 
transferability  and  divisibility  for  off-hne  electronic  cash  are  presented.  Finally,  in  Chapter 
5  the  security  issues  associated  with  electronic  cash  are  discussed. 


The  authors  of  this  paper  wish  to  acknowledge  the  following  people  for  their  con- 
tribution to  this  research  effort  through  numerous  discussions  and  review  of  this  paper: 
Kevin  Igoe,  John  Petro,  Steve  Neal,  and  Mel  Currie. 


344 


§1:  What  is  Electronic  Cash? 

We  begin  by  carefully  defining  "electronic  cash."  This  term  is  often  apphed  to 
any  electronic  payment  scheme  that  superficially  resembles  cash  to  the  user.  In  fact, 
however,  electronic  cash  is  a  specific  kind  of  electronic  payment  scheme,  defined  by  certain 
cryptographic  properties.  We  now  focus  on  these  properties. 

§1.1  Electronic  Payment 

The  term  electronic  commerce  refers  to  any  finajicicd  transaction  involving  the  elec- 
tronic transmission  of  information.  The  packets  of  information  being  transmitted  are 
commonly  called  electronic  tokens.  One  should  not  confuse  the  token,  which  is  a  sequence 
of  bits,  with  the  physical  media  used  to  store  and  transmit  the  information. 

We  will  refer  to  the  storage  mediiun  as  a  card  since  it  commonly  takes  the  form  of 
a  wallet-sized  card  made  of  plastic  or  cardboard.  (Two  obvious  examples  are  credit  cards 
and  ATM  cards.)  However,  the  "card"  could  also  be,  e.g.,  a  computer  memory. 

A  particular  kind  of  electronic  commerce  is  that  of  electronic  payment.  An  electronic 
payment  protocol  is  a  series  of  transactions,  at  the  end  of  which  a  payment  has  been  made, 
using  a  token  issued  by  a  third  party.  The  most  common  example  is  that  of  credit  cards 
when  an  electronic  approval  process  is  used.  Note  that  oiu:  definition  implies  that  neither 
payer  nor  payee  issues  the  token.' 

The  electronic  payment  scenario  eissumes  three  kinds  of  players:^ 

•  a  payer  or  consumer,  whom  we  will  name  Alice. 

•  a  payee,  such  as  a  merchant.  We  will  name  the  payee  Bob. 

•  a  financial  network  with  whom  both  Alice  and  Bob  have  accounts.  We  will  infor- 
mally refer  to  the  financial  network  as  the  Bank. 

§1.2  Security  of  Electronic  Payments 

With  the  rise  of  telecommunications  and  the  Internet,  it  is  increasingly  the  case 
that  electronic  commerce  takes  place  using  a  transmission  medimn  not  under  the  control 
of  the  financial  system.  It  is  therefore  necessary  to  taJce  steps  to  insure  the  security  of  the 
messages  sent  along  such  a  medium. 

The  necessary  security  properties  are: 

•  Privacy,  or  protection  agciinst  eavesdropping.  This  is  obviously  of  importance  for 
transactions  involving,  e.g.,  credit  card  numbers  sent  on  the  Internet. 


^In  this  sense,  electronic  payment  differs  from  such  systems  as  prepaid  phone  cards  and  subway 
fare  cards,  where  the  token  is  issued  by  the  payee. 

'In  §4.1,  we  will  generalize  this  scenario  when  we  discuss  transfers. 
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•  User  identification,  or  protection  against  impersonation.  Clearly,  any  scheme  for 
electronic  commerce  must  require  that  a  user  knows  with  whom  she  is  dealing  (if 
only  as  an  alias  or  credit  card  number). 

•  Message  integrity,  or  protection  against  tampering  or  substitution.  One  must  know 
that  the  recipient's  copy  of  the  message  is  the  same  as  what  was  sent. 

•  Nonrepudiation,  or  protection  against  later  denial  of  a  transaction.  This  is  clearly 
necessary  for  electronic  commerce,  for  such  things  as  digital  receipts  and  payments. 

The  last  three  properties  are  collectively  referred  to  as  authenticity. 

These  security  features  Cctn  be  achieved  in  several  ways.  The  technique  that  is 
gaining  widespread  use  is  to  employ  an  authentication  infrastructure.  In  such  a  setup, 
privacy  is  attained  by  enciphering  each  message,  using  a  private  key  known  only  to  the 
sender  and  recipient.  The  authenticity  features  are  attained  via  key  management,  e.g.,  the 
system  of  generating,  distributing  and  storing  the  users'  keys. 

Key  management  is  carried  out  using  a  certification  authority,  or  a  trusted  agent 
who  is  reponsible  for  confirming  a  user's  identity.  This  is  done  for  each  user  (including 
banks)  who  is  issued  a  digital  identity  certificate.  The  certificate  can  be  used  whenever  the 
user  wishes  to  identify  herself  to  another  user.  In  addition,  the  certificates  make  it  possible 
to  set  up  a  private  key  between  users  in  a  secure  and  authenticated  way.  This  private  key  is 
then  used  to  encrypt  subsequent  messages.  This  technique  can  be  implemented  to  provide 
any  or  all  of  the  above  security  features. 

Although  the  authentication  infrastructure  may  be  separate  from  the  electronic- 
commerce  setup,  its  security  is  an  essential  component  of  the  security  of  the  electronic- 
commerce  system.  Without  a  trusted  certification  authority  and  a  secure  infrastructure, 
the  above  four  security  features  cannot  be  achieved,  and  electronic  commerce  becomes 
impossible  over  an  untrusted  transmission  medium. 

We  will  assume  throughout  the  remainder  of  this  paper  that  some  authentication 
infrastructure  is  in  place,  providing  the  four  security  features. 

§1.3  Electronic  Cash 

We  have  defined  privacy  as  protection  against  eavesdropping  on  one's  communica- 
tions. Some  privacy  advocates  such  as  David  Chaum  (see  [2], [3]),  however,  define  the  term 
far  more  expansively.  To  them,  genuine  "privacy"  implies  that  one's  history  of  purchases 
not  be  available  for  inspection  by  banks  and  credit  caxd  companies  (and  by  extension  the 
government).  To  achieve  this,  one  needs  not  just  privacy  but  anonymity.  In  particular, 
one  needs 

•  payer  anonymity  during  payment, 

•  payment  untraceability  so  that  the  Bank  cannot  tell  whose  money  is  used  in  a  par- 
ticular payment. 
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These  features  axe  not  available  with  credit  ccirds.  Indeed,  the  only  conventional 
payment  system  offering  it  is  cash.  Thus  Chaum  and  others  have  introduced  electronic 
cash  (or  digital  cash),  an  electronic  payment  system  which  offers  both  features. 

The  sequence  of  events  in  an  electronic  cash  payment  is  as  follows: 

•  withdTawal,  in  which  Alice  transfers  some  of  her  wealth  from  her  Bajik  account  to 
her  CEird. 

•  payment,  in  which  Ahce  transfers  money  from  her  caxd  to  Bob's. 

•  deposit,  in  which  Bob  transfers  the  money  he  has  received  to  his  Bank  account. 

(See  Figure  1.) 
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Hgure  1 .  llie  three  types  of  transactions  in  a  basic  electronic  cash  model. 


These  procedures  can  be  implemented  in  either  of  two  ways: 

•  On-line  payment  means  that  Bob  calls  the  Bank  and  verifies  the  validity  of  Al- 
ice's token^  before  accepting  her  payment  and  deHvering  his  merchandise.  (This 
resembles  many  of  today's  credit  card  transactions.) 

•  Off-line  payment  means  that  Bob  submits  Alice's  electronic  coin  for  verification 
and  deposit  sometime  after  the  payment  transaction  is  completed.  (This  method 
resembles  how  we  meike  small  purchases  today  by  personal  check.) 


'In  the  context  of  electronic  cash,  the  token  is  usually  called  an  electronic  coin. 
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Note  that,  with  an  on-Hne  system,  the  payment  and  deposit  axe  not  separate  steps.  We 
will  refer  to  on-line  cask  and  off-line  cash  schemes,  omitting  the  word  "electronic"  since 
there  is  no  dsinger  of  confusion  with  paper  cash. 

§1.4  Counterfeiting 

As  in  any  payment  system,  there  is  the  potential  here  for  crimincd  abuse,  with 
the  intention  either  of  cheating  the  financial  system  or  using  the  payment  mechanism 
to  facilitate  some  other  crime.  We  will  discuss  some  of  these  problems  in  §5.  However, 
the  issue  of  counterfeiting  must  be  considered  here,  since  the  payment  protocols  contain 
built-in  protections  against  it. 

There  axe  two  abuses  of  an  electronic  cash  system  analogous  to  counterfeiting  of 
physical  cash: 

•  Token  forgery,  or  creating  a  valid-looking  coin  without  maicing  a  corresponding 
Bank  withdrawal. 

•  Multiple  spending,  or  using  the  same  token  over  ageiin.  Since  an  electronic  coin 
consists  of  digital  information,  it  is  as  valid-looking  after  it  has  been  spent  as  it  was 
before.  (Multiple  spending  is  also  commonly  cedled  re-spending,  double  spending, 
and  repeat  spending.) 

One  can  deal  with  counterfeiting  by  trying  to  prevent  it  from  happening,  or  by 
trying  to  detect  it  after  the  fact  in  a  way  that  identifies  the  culprit.  Prevention  clearly  is 
preferable,  all  other  things  being  equal. 

Although  it  is  tempting  to  imagine  electronic  cash  systems  in  which  the  transmission 
and  storage  media  are  secure,  there  wiU  certainly  be  applications  where  this  is  not  the  case. 
(An  obvious  example  is  the  Internet,  whose  users  are  notoriously  vulnerable  to  viruses  and 
eavesdropping.)  Thus  we  need  techniques  of  dealing  with  counterfeiting  other  than  physical 
security. 

•  To  protect  against  token  forgery,  one  relies  on  the  usual  authenticity  functions  of 
user  identification  and  message  integrity.  (Note  that  the  "user"  being  identified 
from  the  coin  is  the  issuing  Bank,  not  the  anonymous  spender.) 

•  To  protect  against  multiple  spending,  the  Bcink  maintains  a  database  of  spent  elec- 
tronic coins.  Coins  zdready  in  the  database  are  to  be  rejected  for  deposit.  If  the 
payments  are  on-line,  this  will  prevent  multiple  spending.  If  off-line,  the  best  we 
can  do  is  to  detect  when  multiple  spending  has  occurred.  To  protect  the  payee,  it  is 
then  necessary  to  identify  the  payer.  Thus  it  is  necessary  to  disable  the  anonymity 
mechanism  in  the  cEise  of  multiple  spending. 

The  features  of  authenticity,  zmonymity,  and  multiple-spender  exposure  axe  achieved 
most  conveniently  using  public-key  cryptography.  We  will  discuss  how  this  is  done  in  the 
next  two  chapters. 
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§2:  A  Cryptographic  Description 

In  this  chapter,  we  give  a  high-level  description  of  electronic  cash  protocols  in  terms 
of  basic  authentication  mechanisms.  We  begin  by  describing  these  mechanisms,  which  axe 
based  on  public-key  cryptography.  We  then  build  up  the  protocol  gradually  for  ease  of 
exposition.  We  start  with  a  simplified  scheme  which  provides  no  anonymity.  We  then  in- 
corporate the  payment  untraceabihty  feature,  and  finally  the  payment  anonymity  property. 
The  result  will  be  a  complete  electronic  cash  protocol. 

§2.1  Public-Key  Cryptographic  Tools 

We  begin  by  discussing  the  basic  public-key  cryptographic  techniques  upon  which 
the  electronic  cash  implementations  are  based. 

One-Way  Functions.  A  one-way  function  is  a  correspondence  between  two  sets  which  caoa 
be  computed  efficiently  in  one  direction  but  not  the  other.  In  other  words,  the  function  (j) 
is  one-way  if,  given  5  in  the  domain  of  (j>,  it  is  easy  to  compute  t  =  1^(5),  but  given  only  t, 
it  is  hard  to  find  s.  (The  elements  are  typically  numbers,  but  could  also  be,  e.g.,  points 
on  an  elliptic  curve;  see  [10].) 

Key  Pairs.  If  ^  is  a  one-way  function,  then  a  key  pair  is  a  pair  s,  t  related  in  some  way 
via  <j>.  We  call  s  the  secret  key  and  t  the  public  key.  As  the  najnes  imply,  each  user  keeps 
his  secret  key  to  himself  and  malces  his  pubhc  key  available  to  all.  The  secret  key  remains 
secret  even  when  the  public  key  is  known,  because  the  one-way  property  of  ^  insures  that 
t  cannot  be  computed  from  s. 

All  public-key  protocols  use  key  pairs.  For  this  reason,  pubhc-key  cryptography 
is  often  called  asymmetric  cryptography.  Conventional  cryptography  is  often  called  sym- 
metric cryptography ,  since  one  can  both  encrypt  and  decrypt  with  the  private  key  but  do 
neither  without  it. 

Signature  and  Identification.  In  a  public  key  system,  a  user  identifies  herself  by  proving 
that  she  knows  her  secret  key  without  revealing  it.  This  is  done  by  performing  some 
operation  using  the  secret  key  which  anyone  can  check  or  undo  using  the  public  key.  This 
is  called  identification.  If  one  uses  a  message  as  well  as  one's  secret  key,  one  is  performing  a 
digital  signature  on  the  message.  The  digital  signature  plays  the  same  role  as  a  handwritten 
signature:  identifying  the  author  of  the  message  in  a  way  which  cannot  be  repudiated,  and 
confirming  the  integrity  of  the  message. 

Secure  Hashing.  A  hash  function  is  a  map  from  all  possible  strings  of  bits  of  any  length  to 
a  bit  string  of  fixed  length.  Such  functions  are  often  required  to  be  collision- free:  that  is, 
it  must  be  computationally  difficult  to  find  two  inputs  that  hash  to  the  same  value.  If  a 
hash  function  is  both  one-way  and  collision-free,  it  is  said  to  be  a  secure  hash. 
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The  most  common  use  of  secure  hash  functions  is  in  digital  signatures.  Messages 
might  come  in  any  size,  but  a  given  public-key  algorithm  requires  working  in  a  set  of  fixed 
size.  Thus  one  hashes  the  message  and  signs  the  secure  hash  rather  than  the  message 
itself.  The  hash  is  required  to  be  one-way  to  prevent  signature  forgery,  i.e.,  constructing 
a  valid-looking  signature  of  a  message  without  using  the  secret  key.*  The  hash  must  be 
collision-free  to  prevent  repudiation,  i.e.,  denying  having  signed  one  message  by  producing 
smother  message  with  the  same  hash. 

§2.2  A  Simplified  Electronic  Cash  Protocol 

We  now  present  a  simplified  electronic  Ccish  system,  without  the  anonymity  features. 
Protocol  1:  On-line  electronic  payment. 

Withdrawal: 

AHce  sends  a  withdrawal  request  to  the  Bank. 

Bank  prepares  an  electronic  coin  and  digitally  signs  it. 

Bank  sends  coin  to  Ahce  and  debits  her  account. 

Pay  me  nt/D  eposit: 

Alice  gives  Bob  the  coin. 

Bob  contacts  Bank^  and  sends  coin. 

Bank  verifies  the  Bzink's  digital  signature. 

Bank  verifies  that  coin  has  not  already  been  spent. 

Bank  consults  its  withdrawal  records  to  confirm  Alice's 

withdrawal,  (optional) 
Bank  enters  coin  in  spent-coin  database. 
Bank  credits  Bob's  account  and  informs  Bob. 
Bob  gives  Ahce  the  merchandise. 


*Note  that  token  forgery  is  not  the  same  thing  as  signature  forgery.  Forging  the  Bank's  digital 
signature  without  knowing  its  secret  key  is  one  way  of  committing  token  forgery,  but  not  the  only  way. 
A  bank  employee  or  hacker,  for  instance,  could  "borrow"  the  Bank's  secret  key  and  validly  sign  a  token. 
This  key  compromise  scenario  is  discussed  in  §5.3. 

'One  should  keep  in  mind  that  the  term  "Bank"  refers  to  the  financial  system  that  issues  and 
clears  the  coins.  For  example,  the  Bank  might  be  a  credit  card  company,  or  the  overall  banking  system. 
In  the  latter  case,  Alice  and  Bob  might  have  separate  banks.  If  that  is  so,  then  the  "deposit"  procedure 
is  a  little  more  complicated:  Bob's  bank  contacts  Alice's  bank,  "cashes  in"  the  coin,  and  puts  the  money 
in  Bob's  account. 
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Protocol  2:   Off-line  electronic  payment. 

Withdrawal: 

Alice  sends  a  withdrawal  request  to  the  Bank. 

Bcink  prepares  an  electronic  coin  and  digitally  signs  it. 

Bank  sends  coin  to  Ahce  and  debits  her  account. 

Payment: 

Alice  gives  Bob  the  coin. 

Bob  verifies  the  Bank's  digital  signature,  (optional) 

Bob  gives  Alice  the  merchandise. 

Deposit: 

Bob  sends  coin  to  the  Bank. 

Bank  verifies  the  Bank's  digital  signature. 

Bank  verifies  that  coin  has  not  already  been  spent. 

Bank  consults  its  withdrawal  records  to  confirm  AHce's 

withdrawal,  (optional) 
Bank  enters  coin  in  spent-coin  database. 
Bank  credits  Bob's  account. 

The  above  protocols  use  digitai  signatures  to  achieve  authenticity.  The  authenticity 
features  could  have  been  achieved  in  other  ways,  but  we  need  to  use  digital  signatures  to 
aJlow  for  the  anonymity  mechanisms  we  axe  about  to  add. 

§2.3  Untraceable  Electronic  Payments 

In  this  section,  we  modify  the  above  protocols  to  include  payment  untraceability. 
For  this,  it  is  necessary  that  the  Bank  not  be  able  to  link  a  specific  withdrawal  with  a 
specific  deposit. *  This  is  accomplished  using  a  special  kind  of  digitcd  signature  cadled  a 
blind  signature. 

We  will  give  examples  of  blind  signatures  in  §3.2,  but  for  now  we  give  only  a  high- 
level  description.  In  the  withdrawal  step,  the  user  changes  the  message  to  be  signed  using 
a  random  quantity.  This  step  is  called  "blinding"  the  coin,  eind  the  random  quantity  is 
called  the  blinding  factor.  The  Bank  signs  this  random-looking  text,  and  the  user  removes 
the  blinding  factor.  The  user  now  has  a  legitimate  electronic  coin  signed  by  the  Bank.  The 
Bank  will  see  this  coin  when  it  is  submitted  for  deposit,  but  will  not  know  who  withdrew  it 
since  the  random  blinding  factors  are  unknown  to  the  Bank.  (Obviously,  it  will  no  longer 
be  possible  to  do  the  checking  of  the  withdrawal  records  that  was  an  optional  step  in  the 
first  two  protocols.) 


^In  order  to  achieve  either  anonymity  feature,  it  is  of  course  necessary  that  the  pool  of  electronic 
coins  be  a  large  one. 
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Note  that  the  Bank  does  not  know  what  it  is  signing  in  the  withdrawal  step.  This 
introduces  the  possibihty  that  the  Bank  might  be  signing  something  other  thein  what  it  is 
intending  to  sign.  To  prevent  this,  we  specify  that  a  Bank's  digital  signature  by  a  given 
secret  key  is  valid  only  as  authorizing  a  withdrawal  of  a  fixed  amount.  For  example,  the 
Bank  could  have  one  key  for  a  $10  withdrawsJ,  einother  for  a  $50  withdrawal,  and  so  on.^ 

Protocol  3:  Untraceable  On-line  electronic  payment. 

Withdrawal: 

Alice  creates  an  electronic  coin  and  blinds  it. 

Alice  sends  the  bUnded  coin  to  the  Bank  with  a  withdrawal  request. 

Bank  digitally  signs  the  blinded  coin. 

Bank  sends  the  signed  bhnded  coin  to  Ahce  and  debits  her  account. 

Ahce  unblinds  the  signed  coin. 

Payment/ Deposit: 

Ahce  gives  Bob  the  coin. 

Bob  contacts  Bank  and  sends  coin. 

Bank  verifies  the  Bank's  digital  signature. 

BEink  verifies  that  coin  has  not  already  been  spent. 

Bank  enters  coin  in  spent-coin  database. 

Bank  credits  Bob's  account  and  informs  Bob. 

Bob  gives  Ahce  the  merchandise. 

Protocol  4:  Uhtraceabie  Off-line  electronic  payment. 

Withdrawal: 

Alice  creates  an  electronic  coin  and  bUnds  it. 

Ahce  sends  the  blinded  coin  to  the  Bank  with  a  withdrawal  request. 

Bank  digitzdly  signs  the  blinded  coin. 

Bank  sends  the  signed  blinded  coin  to  Ahce  and  debits  her  accoimt. 

Alice  unblinds  the  signed  coin. 

Payment: 

Alice  gives  Bob  the  coin. 

Bob  verifies  the  Bank's  digital  signature,  (optional) 

Bob  gives  Alice  the  merchandise. 

Deposit: 

Bob  sends  coin  to  the  Bzmk. 


'One  could  also  broaden  the  concept  of  "blind  signature"  to  include  interactive  protocols  where 
both  parties  contribute  random  elements  to  the  message  to  be  signed.  An  example  of  this  is  the  "random- 
ized blind  signature"  occurring  in  the  Ferguson  scheme  discussed  in  §3.3. 
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Bajik  verifies  the  Bank's  digital  signature. 
Bank  verifies  that  coin  has  not  sdready  been  spent. 
BanJc  enters  coin  in  spent-coin  database. 
Bank  credits  Bob's  account. 

§2.4  A  Basic  Electronic  Cash  Protocol 

We  now  take  the  final  step  and  modify  our  protocols  to  achieve  payment  anonymity. 
The  ideal  situation  (from  the  point  of  view  of  privacy  advocates)  is  that  neither  payer 
nor  payee  should  know  the  identity  of  the  other.  This  makes  remote  transactions  using 
electronic  cash  totally  anonymous:  no  one  knows  where  Alice  spends  her  money  and  who 
pays  her. 

It  turns  out  that  this  is  too  much  to  ask:  there  is  no  way  in  such  a  scenario  for  the 
consumer  to  obtain  a  signed  receipt.  Thus  we  are  forced  to  settle  for  payer  anonymity. 

If  the  payment  is  to  be  on-line,  we  can  use  Protocol  3  (implemented,  of  course, 
to  allow  for  payer  anonymity).  In  the  off-line  case,  however,  a  new  problem  Eirises.  If  a 
merchant  tries  to  deposit  a  previously  spent  coin,  he  will  be  turned  down  by  the  Bank, 
but  neither  will  know  who  the  multiple  spender  was  since  she  was  anonymous.  Thus  it  is 
necessary  for  the  Bank  to  be  able  to  identify  a  multiple  spender.  This  feature,  however, 
should  preserve  anonymity  for  law-abiding  users. 

The  solution  is  for  the  payment  step  to  require  the  payer  to  have,  in  addition  to 
her  electronic  coin,  some  sort  of  identifying  information  which  she  is  to  share  with  the 
payee.  One  piece  of  this  information  reveals  nothing  about  Alice's  identity,  but  two  pieces 
axe  sufficient  to  fully  recover  Alice's  identity.  The  identifying  information  is  authenticated 
(bound  to  Alice's  ID)  at  the  withdrawal  step  in  a  bhnded  way.  No  one  but  Alice  possesses 
any  of  this  information,  except  for  one  piece  which  Ahce  reveals  to  the  payee  during  the 
payment  step. 

This  revealing  is  done  using  a  challenge-response  protocol.  In  such  a  protocol, 
Bob  sends  Alice  a  random  "challenge"  quantity  and,  in  response,  Alice  returns  a  piece  of 
identifying  information.  (The  piece  she  sends  is  a  function  of  the  chcdlenge  quzmtity.)  At 
the  deposit  step,  the  identifying  information  is  sent  along  with  the  coin  to  the  Bank.  If  all 
goes  as  it  should,  the  identifying  information  will  never  point  to  Alice.  However,  should 
she  spend  the  coin  twice,  the  Bank  will  eventually  obtain  two  copies  of  the  same  coin, 
each  with  a  piece  of  identifying  information.  Because  of  the  randomness  in  the  challenge- 
response  protocol,  these  two  pieces  will  be  different.  Thus  the  Bank  will  be  able  to  identify 
her  as  the  multiple  spender.  Since  only  she  can  dispense  identifying  information,  we  know 
that  her  coin  was  not  copied  and  re-spent  by  someone  else. 
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Protocol  5:  Off-line  cash. 

Withdrawal: 

Alice  creates  an  electronic  coin,  including  identifying  information. 

Alice  blinds  the  coin. 

Alice  sends  the  blinded  coin  to  the  Bank  with  a  withdrawcJ  request. 

Bank  verifies  that  the  identifying  information  is  present. 

Bank  digitally  signs  the  bUnded  coin. 

Bank  sends  the  signed  bhnded  coin  to  Alice  and  debits  her  accoimt. 

Alice  unbhnds  the  signed  coin. 

Payment: 

Alice  gives  Bob  the  coin. 

Bob  verifies  the  Bank's  digital  signatiure. 

Bob  sends  Alice  a  challenge. 

Alice  sends  Bob  a  response  (revealing  one  piece  of  identifying  info). 

Bob  verifies  the  response. 

Bob  gives  Alice  the  mercheindise. 

Deposit: 

Bob  sends  coin,  challenge,  and  response  to  the  Bank. 

Bank  verifies  the  Bcink's  digital  signature. 

Bank  verifies  that  coin  has  not  already  been  spent. 

Bank  enters  coin,  chedlenge,  and  response  in  spent-coin  database. 

Bank  credits  Bob's  accoimt. 

Note  that,  in  this  protocol.  Bob  must  verify  the  Bank's  signatiure  before  giving  Ahce  the 
merchandise.  In  this  way.  Bob  can  be  sure  that  either  he  will  be  peiid  or  he  will  leaxn 
Ahce's  identity  as  a  multiple  spender. 
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§3:  Proposed  Off-Line  Implementations 

Having  described  electronic  cash  in  a  high-level  way,  we  now  wish  to  describe  the 
specific  implementations  that  have  been  proposed  in  the  hterature.  Such  implementations 
axe  for  the  ofF-hne  case;  the  on-line  protocols  axe  just  simphfications  of  them.  The  first 
step  is  to  discuss  the  various  implementations  of  the  pubUc-key  cryptographic  tools  we 
have  described  eaxUer. 

§3.1  Including  Identifying  Information 

We  must  first  be  more  specific  about  how  to  include  (and  access  when  necessaxy) 
the  identifying  information  meant  to  catch  multiple  spenders.  There  are  two  ways  of  doing 
it:  the  cut- and- choose  method  and  zero-knowledge  proofs. 

Cut  and  Choose.  When  Alice  wishes  to  malce  a  withdrawed,  she  first  constructs  and  blinds 
a  message  consisting  of  K  peiirs  of  numbers,  where  K  is  laxge  enough  that  an  event  with 
probability  2~^  will  never  happen  in  practice.  These  numbers  have  the  property  that  one 
can  identify  Alice  given  both  pieces  of  a  pair,  but  unmatched  pieces  are  useless.  She  then 
obtains  signature  of  this  blinded  message  from  the  Bank.  (This  is  done  in  such  a  way 
that  the  Bank  can  check  that  the  K  pairs  of  numbers  are  present  and  have  the  required 
properties,  despite  the  blinding.) 

When  Alice  spends  her  coins  with  Bob,  his  challenge  to  her  is  a  string  of  K  random 
bits.  For  each  bit,  Alice  sends  the  appropriate  piece  of  the  corresponding  pair.  For  example, 
if  the  bit  string  starts  0110 ... ,  then  Ahce  sends  the  first  piece  of  the  first  pair,  the  second 
piece  of  the  second  pair,  the  second  piece  of  the  third  pair,  the  first  piece  of  the  fourth 
pair,  etc.  When  Bob  deposits  the  coin  at  the  Bank,  he  sends  on  these  K  pieces. 

If  Alice  re-spends  her  coin,  she  is  challenged  a  second  time.  Since  each  challenge  is 
a  random  bit  string,  the  new  challenge  is  bound  to  disagree  with  the  old  one  in  at  least 
one  bit.  Thus  Ahce  will  have  to  reveal  the  other  piece  of  the  corresponding  pair.  When 
the  Bank  receives  the  coin  a  second  time,  it  takes  the  two  pieces  and  combines  them  to 
reveal  Alice's  identity. 

Although  conceptually  simple,  this  scheme  is  not  very  efficient,  since  each  coin  must 
be  accompanied  by  2K  large  numbers. 

Zero-Knowledge  Proofs.  The  term  zero-knowledge  proo/ refers  to  any  protocol  in  public- key 
cryptography  that  proves  knowledge  of  some  quantity  without  revealing  it  (or  making  it 
any  easier  to  find  it).  In  this  case,  Alice  creates  a  key  pair  such  that  the  secret  key  points 
to  her  identity.  (This  is  done  in  such  a  way  the  Bank  can  check  via  the  public  key  that 
the  secret  key  in  fact  reveals  her  identity,  despite  the  bhnding.)  In  the  payment  protocol, 
she  gives  Bob  the  public  key  as  paxt  of  the  electronic  coin.  She  then  proves  to  Bob  via 
a  zero- knowledge  proof  that  she  possesses  the  corresponding  secret  key.    If  she  responds 
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to  two  distinct  challenges,  the  identifying  information  can  be  put  together  to  reveal  the 
secret  key  and  so  her  identity. 

§3.2  Authentication  and  Signature  Techniques 

Our  next  step  is  to  describe  the  digital  signatures  that  have  been  used  in  the  im- 
plementations of  the  above  protocols,  and  the  techniques  that  have  been  used  to  include 
identifying  information. 

There  are  two  kinds  of  digital  signatures,  and  both  kinds  appear  in  electronic  cash 
protocols.  Suppose  the  signer  has  a  key  pair  and  a  message  3Jl  to  be  signed. 

•  Digital  Signature  with  Message  Recovery.  For  this  kind  of  signature,  we  have  a 
signing  function  Ssk  using  the  secret  key  SK,  and  a  verifying  function  Vpk  using 
the  public  key  PK.  These  functions  are  inverses,  so  that 

(*)  VpK  (5sK  m)  =  an. 

The  function  Vpk  is  easy  to  implement,  while  Ssk  is  easy  if  one  knows  SK  and  diffi- 
cult otherwise.  Thus  Ssk  is  said  to  have  a  trapdoor,  or  secret  quantity  that  maJses  it 
possible  to  perform  a  cryptographic  computation  which  is  otherwise  infeasible.  The 
function  VpK  is  called  a  trapdoor  one-way  function,  since  it  is  a  one-way  function 
to  anyone  who  does  not  know  the  trapdoor. 

In  this  kind  of  scheme,  the  verifier  receives  the  signed  message  5sk  (3Jl)  but  not  the 
original  message  text.  The  verifier  then  apphes  the  verification  function  Vpn.  This 
step  both  verifies  the  identity  of  the  signer  and,  by  (*),  recovers  the  message  text. 

•  Digital  Signature  with  Appendix.  In  this  kind  of  signature,  the  signer  performs  an 
operation  on  the  message  using  his  own  secret  key.  The  result  is  taJcen  to  be  the 
signature  of  the  message;  it  is  sent  along  as  an  appendix  to  the  message  text.  The 
verifier  checks  an  equation  involving  the  message,  the  appendix,  and  the  signer's 
public  key.  If  the  equation  checks,  the  verifier  knows  that  the  signer's  secret  key 
was  used  in  generating  the  signature. 

We  now  give  specific  algorithms. 

RSA  Signatures.  The  most  well-known  signature  with  message  recovery  is  the  RSA  sig- 
nature. Let  TV  be  a  hzird-to-factor  integer.  The  secret  signature  key  5  and  the  pubhc 
verification  key  v  are  exponents  with  the  property  that 

M'"  =  M     (mod  A^) 

for  all  messages  M.  Given  v,  it  is  easy  to  find  s  if  one  knows  the  factors  of  N  but  difficult 
otherwise.  Thus  the  "u'*'  power  (mod  TV)"  map  is  a  trapdoor  one-way  fiuiction.  The 
signature  of  M  is 

C  :=  M'     (mod  N); 
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to  recover  the  message  (and  verify  the  signature),  one  computes 

M  :=  C     (mod  N). 

Blind  RSA  Signatures.  The  above  scheme  is  easily  blinded.  Suppose  that  Alice  wants  the 
Bank  to  produce  a  blind  signature  of  the  message  M.  She  generates  a  random  niunber  r 
and  sends 

r"  •  M    (mod  N) 

to  the  Bank  to  sign.  The  Bank  does  so,  returning 

r  •  M'     (mod  N). 

Ahce  then  divides  this  result  by  r.  The  result  is  M'  (mod  N),  the  Bank's  signature  of  M, 
even  though  the  Bank  has  never  seen  M. 

The  SchnoTT  AlgorHhm.3.  The  Schnorr  family  of  algorithms  includes  an  identification 
procedure  and  a  signature  with  appendix.  These  Edgorithms  are  based  on  a  zero- knowledge 
proof  of  possession  of  a  secret  key.  Let  p  and  q  be  large  prime  ntmibers  with  q  dividing 
p  —  1.  Let  ^  be  a  generator;  that  is,  an  integer  between  1  and  p  such  that 

g^  =  I     (mod  p). 

If  s  is  an  integer  (mod  g),  then  the  modular  exponentiation  operation  on  s  is 

cl> :  s  —*  g'     (mod  p). 

The  inverse  operation  is  called  the  discrete  logarithm  function  and  is  denoted 

logji^t. 

If  p  and  q  axe  properly  chosen,  then  modular  exponentiation  is  a  one-way  function.  That 
is,  it  is  computationally  infecisible  to  find  a  discrete  logarithm. 
Now  suppose  we  have  a  line 

(t)  y  =  mx  +  b 

over  the  field  of  integers  (mod  q).  A  line  can  be  described  by  giving  its  slope  m  and 
intercept  b,  but  we  will  "hide"  it  as  follows.  Let 

c  =  g    (mod  p), 
n  =  y"  (mod  p). 
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Then  c  aind  n  give  us  the  "shadow"  of  the  Hne  under  (f).  Knowing  c  and  n  doesn't  give  us 
the  slope  or  intercept  of  the  Hne,  but  it  does  enable  us  to  determine  whether  a  given  point 
(x,  y)  is  on  the  hne.  For  if  (i,  y)  satisfies  (f),  then  it  must  also  satisfy  the  relation 

(t)  g''  =  n^-c     (modp). 

(Conversely,  any  point  {x,y)  satisfying  (J)  must  be  on  the  Hne.)  The  relationship  (J)  can 
be  checked  by  anyone,  since  it  involves  only  public  quantities.  Thus  anyone  can  check 
whether  a  given  point  is  on  the  line,  but  points  on  the  Hne  can  only  be  generated  by 
someone  who  knows  the  secret  information. 

The  basic  Schnorr  protocol  is  a  zero-knowledge  proof  that  one  possesses  a  given 
secret  quantity  m.  Let  n  be  the  corresponding  public  quantity.  Suppose  one  user  (the 
"prover")  wants  to  convince  another  (the  "verifier")  that  she  knows  m  without  revealing 
it.  She  does  this  by  constructing  a  line  (f)  and  sending  its  shadow  to  the  verifier.  The 
slope  of  the  line  is  tciken  to  be  secret  quantity  m,  and  the  prover  chooses  the  intercept 
at  random,  differently  for  each  execution  of  the  protocol.  The  protocol  then  proceeds  as 
foUows. 
Schnorr  proof  of  possession: 

1.  Alice  sends  c  (and  n  if  necessary)  to  Bob. 

2.  Bob  sends  Alice  a  "challenge"  value  of  x. 

3.  AHce  responds  with  the  value  of  y  such  that  (i,  y)  is  on  the  line. 

4.  Bob  verifies  via  (t)  that  (x,j/)  is  on  the  line. 

Bob  now  knows  that  he  is  speaking  with  someone  who  can  generate  points  on  the  line. 
Thus  this  paxty  must  know  the  slope  of  the  line,  which  is  the  secret  quantity  m. 

An  important  feature  of  this  protocol  is  that  it  can  be  performed  only  once  per  line. 
For  if  he  knows  any  two  points  (xo,yo)  a^d  (xi,t/i)  on  the  line,  the  verifier  can  compute 

the  slope  of  the  line  using  the  familieir  "rise  over  the  run"  formula 

_  yo  -yi      ,      ,    s 

m  =  (mod  q), 

xo  —  Xi 

and  this  slope  is  the  secret  quantity  m.  That  is  why  a  new  intercept  must  be  generated 
each  time.  We  call  this  the  two-points-on-a-line  ■principle.  This  feature  will  be  useful 
for  electronic  cash  protocols,  since  we  want  to  define  a  spending  procedure  which  reveals 
nothing  of  a  secret  key  if  used  once  per  coin,  but  reveals  the  key  if  a  coin  is  spent  twice. 

Schnorr  identification.  The  above  protocol  can  be  used  for  identification  of  users  in  a 
network.  Each  user  is  issued  a  key  pair,  and  each  pubHc  key  is  advertised  as  belonging  to 
a  given  user.  To  identify  herself,  a  user  needs  only  prove  that  she  knows  her  secret  key. 
This  can  be  done  using  the  above  zero-knowledge  proof,  since  her  public  key  is  Hnked  with 
her  identity. 
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SchnoTT  Signature.  It  is  easy  to  convert  the  Schnorr  identification  protocol  to  produce  a 
digitcil  signature  scheme.  Rather  thcin  receiving  a  challenge  from  am  on-hne  verifier,  the 
signer  simply  takes  i  to  be  a  secvire  hash  of  the  message  and  of  the  shadow  of  the  line. 
This  proves  knowledge  of  his  secret  key  in  a  way  that  links  his  key  pair  to  the  message. 

Blind  SchnoTT  Signature.  Suppose  that  AUce  wants  to  obtain  a  blind  Schnorr  signatiu-e  for 
her  coin,  which  she  will  spend  with  Bob.  Ahce  generates  random  quantities  (mod  q)  which 
describe  a  change  of  vEunables.  This  cheuige  of  variables  replaces  the  Bank's  hidden  hne 
with  another  line,  and  the  point  on  the  Bank's  line  with  a  point  on  the  new  line.  When 
Bob  verifies  the  Bank's  signature,  he  is  checking  the  new  point  on  the  new  line.  The  two 
lines  have  the  sajne  slope,  so  that  the  Bank's  signature  will  remain  valid.  When  the  Bcink 
receives  the  coin  for  deposit,  it  will  see  the  protocol  implemented  on  the  new  Une,  but  it 
will  not  be  able  to  link  the  coin  with  Ahce's  withdrawfj  since  only  Ahce  knows  the  change 
of  variables  relating  the  two  hnes. 

Chaum-Pederson  Signature.  A  variant  of  Schnorr's  signatvire  scheme  given  in  [6]  is  used 
in  electronic  cash  protocols.  This  modified  scheme  is  a  kind  of  "double  Schnorr"  scheme. 
It  involves  a  single  line  and  point  but  uses  two  shadows.  This  signature  scheme  can  be 
blinded  in  a  way  similsir  to  the  ordinary  Schnorr  signature. 

Implementatiom  of  the  Schnorr  Protocols.  We  have  described  the  Schnorr  cJgorithms  in 
terms  of  integers  modulo  a  prime  p.  The  protocols,  however,  work  in  any  setting  in  which 
the  aiiEdogue  of  the  discrete  logeirithm  problem  is  difficult.  An  important  example  is  that 
of  elliptic  curves  (see  [10]).  Elliptic  curve  based  protocols  are  much  faster,  and  require  the 
transmission  of  far  less  data,  them  non-eUiptic  protocols  giving  the  same  level  of  security. 

§3.3  Summary  of  Proposed  Implementations 

We  Ccm  now  present  summEiries  of  the  main  off-line  cash  schemes  from  the  academic 
literature.  There  cire  three:  those  of  Chaum-Fiat-Naor  [4],  Brands  [1],  emd  Ferguson  [9]. 

Chaum-Fiat-Naor.  This  was  the  first  electronic  cash  scheme,  and  is  the  simplest  con- 
ceptually. The  Bank  creates  an  electronic  coin  by  performing  a  blind  RSA  signature  to 
Alice's  withdrawal  request,  after  having  verified  interactively  that  Alice  has  included  her 
identifying  information  on  the  coin.  The  prevention  of  multiple  spending  is  accomplished 
by  the  cut-and-choose  method.  For  this  reason,  this  scheme  is  relatively  inefficient. 

Brands.  Brernds'  scheme  is  Schnorr-based.*  Indeed,  a  Schnorr  protocol  is  used  twice: 
at  withdrawal,  the  Bank  performs  a  blind  Chaum-Pederson  signature,  and  then  Alice 
performs  a  Schnorr  possession  proof  as  the  challenge-zmd-response  part  of  the  spending 
protocol. 


'For  ease  of  exposition,  we  give  a  simplified  account  of  Brands'  protocol. 
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The  withdrawal  step  produces  a  coin  which  contains  the  Bank's  signature,  authen- 
ticating both  Ahce's  identifying  information  ajid  the  shadow  of  the  line  to  be  used  for  the 
possession  proof.  This  commits  Alice  to  using  that  particular  line  in  the  spending  step. 
If  she  re-spends  the  coin,  she  must  use  the  same  line  twice,  enabling  the  Bajik  to  identify 
her. 

The  Brands  scheme  is  considered  by  many  to  be  the  best  of  the  three,  for  two 
reasons.  First,  it  avoids  the  awkward  cut-and-choose  technique.  Second,  it  is  based  only 
on  the  Schnorr  protocols,  and  so  it  can  be  implemented  in  various  settings  such  as  elliptic 
curves. 

Ferguson.  Ferguson's  scheme  is  RSA-based  like  Chaum-Fiat-Naor,  but  it  uses  the  "two- 
points-on-a-line"  principle  like  Brands.  The  signature  it  uses  is  not  the  blind  RSA  signature 
as  described  above,  but  a  variant  called  a  randomized  blind  RSA  signature.  The  ordinary 
blind  RSA  scheme  has  the  drawback  that  the  Bank  has  absolutely  no  idea  what  it  is 
signing.  As  mentioned  above,  this  is  not  a  problem  in  the  cut-and-choose  Ccise,  but  in  this 
case  it  can  allow  a  payer  to  defeat  the  mechanism  for  identifying  multiple  spenders.  The 
rzmdomized  version  avoids  this  problem  by  having  both  Alice  and  the  Bank  contribute 
random  data  to  the  message.  The  Bank  still  doesn't  know  what  it  is  signing,  but  it  knows 
that  the  data  was  not  chosen  maliciously. 

The  rest  of  the  protocol  is  conceptually  similar  to  Brands'  scheme.  The  message 
to  be  signed  by  the  Bank  contains,  in  addition  to  the  random  data,  the  shadow  of  a  line 
whose  slope  and  intercept  reveal  Alice's  identity.  During  payment,  Alice  reveals  a  point 
on  this  line;  if  she  does  so  twice,  the  Bcink  can  identify  her. 

Although  Ferguson's  scheme  avoids  the  cut-and-choose  technique,  it  is  the  most 
complicated  of  the  three  (due  largely  to  the  randomized  bhnd  RSA  signature).  Moreover, 
it  cannot  be  implemented  over  elliptic  curves  since  it  is  RSA-based. 


360 


§4:  Optional  Features  of  Off-Line  Cash 

Much  of  the  recent  Hterature  on  off-line  cash  has  focused  on  adding  features  to  make 
it  more  convenient  to  use.  In  this  chapter  we  will  discuss  two  of  these  features. 

§4.1  Transferability 

Transferability  is  a  feature  of  paper  cash  that  eillows  a  user  to  spend  a  coin  that  he 
has  just  received  in  a  payment  without  having  to  contact  the  Beink  in  between.  We  refer  to 
a  payment  as  a  transfer  if  the  payee  can  use  the  received  coin  in  a  subsequent  payment.  A 
payment  system  is  transferable  if  it  allows  at  least  one  transfer  per  coin.  Figure  2  shows  a 
maximum  length  path  of  a  coin  in  a  system  which  allows  two  transfers.  The  fined  payment  is 
not  considered  a  transfer  because  it  must  be  deposited  by  the  payee.  Transferability  would 
be  a  convenient  feature  for  an  ofF-hne  cash  system  because  it  requires  less  interaction  with 
the  Beink.  (A  transferable  electronic  cash  system  is  off-line  by  definition,  since  on-line 
systems  require  communication  with  the  Bank  during  each  payment.) 


1st  transfer 


2nd  transfer        )  (1  (       final  payment 

Ted  Carol 


ft 

yy 


Alice  Ted  Carol  Bob 

Figure  2.  A  maximum  length  path  of  a  coin  in  a  system  which  allows  2  transfers  per  coin. 


Transferable  systems  have  received  little  attention  in  academic  literature.  The 
schemes  presented  in  §3.3  are  not  transferable  because  the  payee  cannot  use  a  received 
coin  in  another  payment  -  his  only  options  axe  to  deposit  or  to  exchemge  it  for  new  coins 
at  the  Bank.  Any  transferable  electronic  cash  system  has  the  property  that  the  coin  must 
"grow  in  size"  (i.e.,  accumulate  more  bits)  each  time  it  is  spent.  This  is  because  the  coin 
must  contain  information  about  every  person  who  has  spent  it  so  that  the  Bank  maintains 
the  ability  to  identify  multiple  spenders.  (See  [5].)  This  growth  makes  it  impossible  to 
edlow  an  unlimited  number  of  transfers.  The  mciximum  number  of  transfers  allowed  in  Einy 
given  system  will  be  Umited  by  the  allowable  size  of  the  coin. 

There  are  other  concerns  with  any  transferable  electronic  cash  system,  even  if  the 
number  of  transfers  per  coin  is  limited,  cind  we  remove  the  einonymity  property.  Until  the 
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coin  is  deposited,  the  only  information  available  to  the  Bank  is  the  identity  of  the  individual 
who  originally  withdrew  the  coin.  Any  other  transactions  involving  that  withdrawal  can 
only  be  reconstructed  with  the  cooperation  of  each  consecutive  spender  of  that  coin.  This 
poses  the  same  problems  that  paper  cash  poses  for  detecting  money  laundering  and  tax 
evasion:  no  records  of  the  transactions  are  available. 

In  addition,  each  trajisfer  delays  detection  of  re-spent  or  forged  coins.  Multiple 
spending  will  not  be  noticed  until  two  copies  of  the  same  coin  are  eventually  deposited. 
By  then  it  may  be  too  late  to  catch  the  culprit,  and  many  users  may  have  accepted 
counterfeit  coins.  Therefore,  detection  of  multiple  spending  after  the  fact  may  not  provide 
a  satisfactory  solution  for  a  transferable  electronic  cash  system.  A  transferable  system 
may  need  to  rely  on  physical  security  to  pjevent  multiple  spending.  (See  §5.1.) 

§4.2  Divisibility 

Suppose  that  Alice  is  enrolled  in  a  non-transferable,  off-line  cash  system,  and  she 
wants  to  purchase  an  item  from  Bob  that  costs,  say,  $4.99.  If  she  happens  to  have  electronic 
coins  whose  values  add  up  to  exactly  $4.99  then  she  simply  spends  these  coins.  However, 
unless  Alice  has  stored  a  large  reserve  of  coins  of  each  possible  denomination,  it  is  unlikely 
that  she  will  have  the  exact  change  for  most  purchases.  She  may  not  wish  to  keep  such 
a  large  reserve  of  coins  on  hand  for  the  some  of  the  same  reasons  that  one  doesn't  carry 
around  a  large  amount  of  cash:  loss  of  interest  and  fear  of  the  ceish  being  stolen  or  lost. 
Another  option  is  for  Alice  to  withdraw  a  coin  of  the  exact  amount  for  each  payment,  but 
that  requires  interaction  with  the  Bank,  making  the  payment  on-line  from  her  point  of 
view.  A  third  option  is  for  Bob  to  pay  Alice  the  difference  between  her  payment  and  the 
$4.99  purchase  price.  This  puts  the  burden  of  having  an  exact  payment  on  Bob,  and  also 
requires  Alice  to  contact  the  Bank  to  deposit  the  "change." 

A  solution  to  Alice's  dilemma  is  to  use  divisible  coins:  coins  that  can  be  "divided" 
into  pieces  whose  total  value  is  equal  to  the  value  of  the  original  coin.  This  allows  exact 
off-line  payments  to  be  made  without  the  need  to  store  a  supply  of  coins  of  different 
denominations.  Paper  cash  is  obviously  not  divisible,  but  lack  of  divisibility  is  not  as 
much  of  an  inconvenience  with  paper  cash  because  it  is  transferable.  Coins  that  are 
received  in  one  payment  can  be  used  again  in  the  next  payment,  so  the  supply  of  different 
denominations  is  peirtially  replenished  with  each  transaction.  (Imagine  how  quickly  a 
cashier  would  run  out  of  change  if  paper  cash  were  not  transferable  and  each  payment  was 
put  in  a  separate  bin  set  aside  for  the  next  bank  deposit!) 

Three  divisible  oif-hne  cash  schemes  have  been  proposed,  but  at  a  cost  of  a  longer 
transaction  time  and  additional  storage.  Eng  and  Okamoto's  divisible  scheme  [7]  is  based 
on  the  "cut  and  choose"  method.  Okamoto  [11]  is  much  more  efficient  and  is  based  on 
Brands'  scheme  but  will  also  work  on  Ferguson's  scheme.  Okamoto  and  Ohta  [12]  is  the 
most  efficient  of  the  three,  but  also  the  most  complicated.  It  relies  on  the  difficulty  of 
factoring  and  on  the  difficulty  of  computing  discrete  logarithms. 
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Figure  3.  A  binary  tree  for  a  divisible  coin  worth  $4.00,  with  a  mimmum 
unit  of  SI  .00.  A  $3.00  payment  can  be  made  by  spending  the  shaded  nodes. 
Node  1  cannot  be  used  in  a  subsequent  payment  because  it  is  an  ancestor 
nodes  2  and  6.  Nodes  4  and  S  cannot  be  used  because  they  are  descendants 
of  node  2.  Node  3  cannot  be  used  because  it  is  ancestor  of  node  6.  Nodes  2 
and  6  cannot  be  used  more  than  once,  so  node  7  is  the  only  node  which  can 
be  spent  in  a  subsequent  payment 


All  three  of  these  schemes  work  by  associating  a  binary  tree  with  each  coin  of  value 
$u;.  (See  Figure  3).  Each  node  is  assigned  a  monetary  value  as  follows:  the  unique  root 
node  (the  node  at  level  0)  has  value  §w,  the  two  nodes  at  level  1  each  have  value  $w/2, 
the  four  nodes  at  level  2  each  have  value  $u;/4,  etc.  Therefore,  if  lu  =  2',  then  the  tree  has 
/  +  1  levels,  ajid  the  nodes  at  level  j  each  have  value  $u)/2-'.  The  leaves  of  the  tree  axe  the 
nodes  at  level  /,  and  have  the  minimum  unit  of  value. 

To  spend  the  entice  amount  of  value  $w,  the  root  node  is  used.  Amounts  less  than 
$u)  can  be  spent  by  spending  a  set  of  nodes  whose  values  add  up  to  the  desired  ajnount. 

Initially,  any  whole  dollar  amount  of  up  to  $w  can  be  spent.  Subsequent  payments 
are  made  according  to  the  following  rules: 

1.  Once  a  node  is  used,  all  its  descendant  and  ancestor^  nodes  cannot  be  used. 

2.  No  node  can  be  used  more  than  once. 

These  two  rules  insure  that  no  more  than  one  node  is  used  on  any  path  from  the 
root  to  a  leaf.  If  these  two  rules  are  observed,  then  it  will  be  impossible  to  spend  more 
than  the  original  value  of  the  coin.  If  either  of  these  rules  are  broken,  then  two  nodes  on 
the  same  path  are  used,  and  the  information  in  the  two  corresponding  payments  can  be 
combined  to  reveal  the  identity  of  the  individual  that  overspent  in  the  same  way  that  the 
identity  of  a  multiple  spender  is  revealed. 

More  specifically,  in  the  Eng/Okamoto  and  Okcimoto  schemes,  each  user  has  a  secret 
value,  s,  which  is  Hnked  to  their  identity  (uncovering  5  will  uncover  their  identity,  but  not 
vice- versa.)  Each  node  i  is  assigned  a  secret  value,  t,.  Hence,  each  node  i  corresponds  to 
a  line 

y  -  sx  +  <,. 


'a  descendant  of  a  node  n  is  a  node  on  a  path  from  node  n  to  a  leaf.  An  ancestor  of  node  n  is  a 
node  on  the  path  from  node  n  to  the  root  node. 
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When  a  payment  is  made  using  a  pcirticular  node  n,  ti  will  be  revealed  for  all  nodes  i  that 
are  ancestors  of  node  n.  Then  the  payee  sends  a  challenge  Xi  and  the  payer  responds  with 

yi  =  sxi  +t„. 

This  reveals  a  point  (xi,yi)  on  the  line  y  =  sx  +  <„,  but  does  not  reveal  the  hne  itself.  K 
the  same  node  is  spent  twice,  then  responses  to  two  independent  challenges,  xi  and  X2, 
will  reveal  two  points  on  the  same  hne:  (ii,yi)  and  (x2,y2)-  Then  the  secret  value  5  can 
be  recovered  using  the  two-points-on-a-line  principle  described  in  §3.2. 

If  someone  tries  to  overspend  a  coin,  then  two  nodes  in  the  same  path  will  be  used. 
Suppose  that  nodes  n  Eind  m  axe  in  the  seime  path,  and  node  n  is  farther  from  the  root  on 
this  path.  Spending  node  n  will  reveal  <m,  since  node  m  is  an  ancestor  of  node  n.  Now  if 
node  m  is  also  spent,  then  the  response  to  a  challenge  ii  will  be  yi  =  sii  +tm-  But  t^  was 
revealed  when  t„  was  spent,  so  sxi  and  hence  s  will  be  revealed.  Therefore,  spending  two 
nodes  in  the  same  path  will  reveal  the  identity  of  the  overspender.  The  Okamoto/Ohta 
divisible  scheme  also  uses  a  binary  tree  with  the  same  niles  for  using  nodes  to  prevent 
multiple  and  over-spending,  but  when  nodes  axe  used  improperly,  a  different  technique 
is  used  to  determine  the  identity  of  the  spender.  Instead  of  hiding  the  user's  identifying 
secret  in  a  hne  for  which  a  point  is  revealed  when  a  coin  is  spent,  the  user's  identifying 
secret  is  hidden  in  the  factorization  of  an  RSA  modulus.  Spending  the  same  node  twice, 
or  spending  two  nodes  on  the  same  path  will  provide  enough  information  for  the  Bank 
to  factor  the  modulus  (which  is  paxt  of  the  coin)  and  then  compute  the  user's  secret 
identifying  information. 

Although  these  three  divisible  schemes  axe"  untraceable,  payments  made  from  the 
same  initial  coin  may  be  "linked"  to  each  other,  meaning  that  it  is  possible  to  teU  if  two 
payments  came  from  the  same  coin  and  hence  the  Scime  person.  This  does  not  reveal  the 
payer's  identity  if  both  payments  are  valid  (follow  Rules  1  and  2,  above),  but  revealing  the 
payer's  identity  for  one  purchcise  would  reveal  that  payer's  identity  for  all  other  purchcises 
made  from  the  same  initial  coin. 

These  axe  three  examples  of  off-line  cash  schemes  that  have  divisible  coins.  Although 
providing  divisibility  complicates  the  protocol,  it  can  be  accomplished  without  forfeiting 
untraceability  or  the  abihty  to  detect  improper  spenders.  The  most  efficient  divisible 
scheme  has  a  transaction  time  eind  required  memory  per  coin  proportional  to  the  logarithm 
of  N,  where  TV  is  the  total  coin  value  divided  by  the  value  of  the  minimum  divisible  unit. 
More  improvements  in  the  efficiency  of  divisible  schemes  axe  expected,  since  the  most 
recent  improvement  was  just  presented  in  1995. 
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§5:  Security  Issues 

In  this  section  we  discuss  some  issues  concerning  the  security  of  electronic  cash. 
First,  we  discuss  ways  to  help  prevent  multiple  spending  in  off-line  systems,  and  we  describe 
the  concept  of  wallet  observers.  We  also  discuss  the  consequences  of  an  unexpected  fEiilure 
in  the  system's  security.  Finally,  we  describe  a  solution  to  some  of  the  law  enforcement 
problems  that  are  created  by  anonymity. 

§5.1  Multiple  Spending  Prevention 

In  §1.3,  we  explained  that  multiple  spending  can  be  prevented  in  on-line  payments 
by  maintaining  a  database  of  spent  electronic  coins,  but  there  is  no  cryptographic  method 
for  preventing  an  off-line  coin  from  being  spent  more  than  once.  Instead,  off-line  multiple 
spending  is  detected  when  the  coin  is  deposited  and  compared  to  a  database  of  spent  coins. 
Even  in  anonymous,  untraceable  payment  schemes,  the  identity  of  the  multiple-spender 
can  be  revealed  when  the  abuse  is  detected.  Detection  after  the  fact  may  be  enough  to 
discourage  multiple  spending  in  most  cases,  but  it  will  not  solve  the  problem.  If  someone 
were  able  to  obtain  an  account  under  a  fcJse  identity,  or  were  willing  to  disappeeir  after 
re-spending  a  large  sum  of  money,  they  could  successfully  cheat  the  system. 

One  way  to  minimize  the  problem  of  multiple  spending  in  an  off-hne  system  is  to 
set  an  upper  limit  on  the  value  of  each  payment.  This  would  Umit  the  financial  losses  to 
a  given  merchant  due  to  accepting  coins  that  have  been  previously  deposited.  However, 
this  will  not  prevent  someone  from  spending  the  same  small  coin  many  times  in  different 
places. 

In  order  to  prevent  multiple  spending  in  off-line  payments,  we  need  to  rely  on 
physical  security.  A  "tamper-proof  card  could  prevent  multiple  spending  by  removing 
or  disabling  a  coin  once  it  is  spent.  Unfortunately,  there  is  no  such  thing  as  a  truly 
"tennper-proof  card.  Instead,  we  will  refer  to  a  "tanaper-resistant"  card,  which  is  phys- 
ically constructed  so  that  it  is  very  difficult  to  modify  its  contents.  This  could  be  in  the 
form  of  a  smart  card,  a  PC  card^",  or  any  storage  device  containing  a  tamper- resistant 
computer  chip.  This  will  prevent  abuse  in  most  CEises,  since  the  typical  criminal  will  not 
have  the  resources  to  modify  the  card.  Even  with  a  teumper-resistant  card,  it  is  still  essen- 
tial to  provide  cryptographic  security  to  prevent  counterfeiting  and  to  detect  and  identify 
multiple  spenders  in  case  the  tamper-protection  is  somehow  defeated.  Also,  setting  limits 
on  the  value  of  off-line  payments  would  reduce  the  cost-effectiveness  of  tampering  with  the 
card. 

Tamper-resistant  cards  can  also  provide  personal  security  and  privacy  to  the  card- 
holder by  malcing  it  difficult  for  adversaries  to  read  or  modify  the  information  stored  on 
the  card  (such  as  secret  keys,  algorithms,  or  records). 


'"formerly  PCMCIA,  or  Personal  Computer  Memory  Card  International  Association. 
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§5.2  Wallet  Observers 

All  of  the  basic  off-line  cash  schemes  presented  in  §3.3  can  cryptographically  detect 
the  identity  of  multiple  spenders,  but  the  only  way  to  prevent  off-line  multiple  spending 
is  to  use  a  tamper-resistant  device  such  as  a  smart  card.  One  drawback  of  this  approach 
is  that  the  user  must  put  a  great  deal  of  trust  in  this  device,  since  the  user  loses  the 
abihty  to  monitor  information  entering  or  leaving  the  card.  It  is  conceivable  that  the 
tamper-resistant  device  could  leak  private  information  about  the  user  without  the  user's 
knowledge. 

Chaum  and  Pedersen  [6]  proposed  the  idea  of  embedding  a  tamper-resistajit  device 
into  a  user-controlled  outer  module  in  order  to  achieve  the  security  benefits  of  a  tamper- 
resistant  device  without  requiring  the  user  to  trust  the  device.  They  call  this  combination 
an  electronic  wallet  (see  Figure  4).  The  outer  module  (such  as  a  small  hand-held  computer 
or  the  user's  PC)  is  accessible  to  the  user.  The  inner  module  which  cannot  be  read  or 
modified  is  called  the  "observer."  All  information  which  enters  or  leaves  the  observer  must 
pass  through  the  outer  module,  allowing  the  user  to  monitor  information  that  enters  or 
leaves  the  card.  However,  the  outer  module  cannot  complete  a  transaction  without  the 
cooperation  of  the  observer.  This  gives  the  observer  the  power  to  prevent  the  user  from 
malcing  transactions  that  it  does  not  approve  of,  such  as  spending  the  same  coin  more  than 
once. 

An  Electronic  Wallet 


observer 


Figure  4.  An  electronic  wallet 

Brands[l]  and  Ferguson[8]  have  both  shown  how  to  incorporate  observers  into  their 
respective  electronic  cash  schemes  to  prevent  multiple  spending.  Bremds'  scheme  incorpo- 
rates observers  in  a  much  simpler  Eind  more  efficient  manner.  In  Brands'  basic  scheme,  the 
user's  secret  key  is  incorporated  into  each  of  his  coins.  When  a  coin  is  spent,  the  spender 
uses  his  secret  to  create  a  valid  response  to  a  challenge  from  the  payee.  The  payee  will  ver- 
ify the  response  before  accepting  the  payment.  In  Brands'  scheme  with  wallet  observers, 
this  user  secret  is  shared  between  the  user  and  his  observer.  The  combined  secret  is  a 
modular  sum  of  the  two  shares,  so  one  share  of  the  secret  revecils  no  information  about  the 
combined  secret.  Cooperation  of  the  user  and  the  observer  is  necessary  in  order  to  create  a 
vahd  response  to  a  challenge  during  a  payment  transaction.  This  is  accomphshed  without 
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either  the  user  or  the  observer  revep.Hng  any  information  about  its  share  of  the  secret  to 
the  other.  It  also  prevents  the  observer  from  controlUng  the  response;  hence  the  observer 
cannot  leak  any  information  about  the  spender. 

An  observer  could  also  be  used  to  trace  the  user's  tremsactions  at  a  later  time,  since 
it  can  keep  a  record  of  all  transactions  in  which  it  participates.  However,  this  requires 
that  the  Bank  (or  whoever  is  doing  the  tracing)  must  be  able  to  obtain  the  observer  and 
analyze  it.  Also,  not  all  types  of  observers  can  be  used  to  trace  transactions.  Brands  and 
Ferguson  both  claim  that  they  can  incorporate  observers  into  their  schemes  and  still  reteiin 
untraceability  of  the  users'  transactions,  even  if  the  observer  used  in  the  trcinsactions  has 
been  obtained  and  can  be  analyzed. 

§5.3  Security  Failures 

Types  of  failures.  In  any  cryptographic  system,  there  is  some  risk  of  a  security  failure.  A 
security  failure  in  an  electronic  cash  system  would  result  in  the  ability  to  forge  or  duplicate 
money.  There  are  a  number  of  different  ways  in  which  an  electronic  cash  system  could  fail. 

One  of  the  most  serious  types  of  failure  would  be  that  the  cryptography  (the  protocol 
or  the  underlying  mathematics)  does  not  provide  the  intended  security.^^  This  could  enable 
someone  to  create  valid  looking  coins  without  knowledge  of  an  authorized  bank's  secret 
key,  or  to  obtain  valid  secret  keys  without  physical  access  to  them.  Anyone  who  is  aweire  of 
the  weaJcness  could  create  coins  that  appear  to  come  from  a  legitimate  bank  in  the  system. 

Another  serious  type  of  failure  could  occur  in  a  specific  implementation  of  the 
system.  For  example,  if  the  bank's  random  number  generator  is  not  a  good  one,  one  may 
be  able  to  guess  the  secret  random  number  and  use  it  to  compute  the  secret  keys  that  are 
used  to  create  electronic  money. 

Even  if  the  cryptography  and  the  implementation  are  secure,  the  security  could  fail 
because  of  a  physical  compromise.  If  a  computer  hacker,  thief,  dishonest  bank  employee, 
or  a  rogue  state  were  to  gain  access  to  the  bank's  secret  key  they  could  create  counterfeit 
money.  If  they  gain  access  to  a  user's  secret  key  they  could  spend  that  user's  money. 
If  they  could  modify  the  user  or  bank's  software  they  could  destroy  the  security  of  the 
system. 

The  above  failure  scenarios  apply,  not  only  to  the  electronic  cash  system,  but  cdso 
to  the  underlying  authentication  infrastructure.  Thus,  for  example,  if  an  attacker  could 
forge  an  identity  certificate  identifying  him  as  a  bank,  he  could  create  valid-looking  elec- 
tronic coins.  Such  an  attacker  would  be  counterfeiting  without  using  ciny  weakness  in 
the  electronic  cash  system  itself.  Thus  the  certification  authorities  need  to  be  secured  as 
thoroughly  as  do  the  banks. 


'^We  are  unaware  of  anything  in  the  hterature  that  would  suggest  this  type  of  failure  with  the 
protocols  discussed  in  this  paper. 
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Consequences  of  a  failure.  All  three  of  the  basic  schemes  described  in  this  paper 
axe  Einonymous,  which  mEikes  it  impossible  for  cinyone  to  connect  a  deposited  coin  to  the 
originating  banks  withdrawal  record  of  that  coin.  This  property  has  serious  consequences 
in  the  event  of  a  security  failure  leading  to  token  forgery.  When  a  coin  is  submitted  for 
deposit,  it  is  impossible  to  determine  if  it  is  forged.  Even  the  originating  bank  is  unable  to 
recognize  its  own  coins,  preventing  detection  of  the  compromise.  It  is  conceivable  that  the 
compromise  will  not  be  detected  until  the  bank  realizes  that  the  total  value  of  deposits  of 
its  electronic  cash  exceeds  the  amount  that  it  has  created  with  a  particular  key.  At  this 
point  the  losses  could  be  devastating. 

After  the  key  compromise  is  discovered,  the  bank  will  still  be  unable  to  distinguish 
valid  coins  from  invalid  ones  since  deposits  said  withdrawals  cannot  be  linked.  The  bank 
would  have  to  change  its  secret  key  and  invalidate  all  coins  which  were  signed  with  the  com- 
promised key.  The  bank  can  replace  coins  that  have  not  yet  been  spent,  but  the  vahdity  of 
untraceable  coins  that  have  already  been  spent  or  deposited  cannot  be  determined  without 
cooperation  of  the  payer.  Payment  untraceability  prevents  the  Bank  from  determining  the 
identity  of  the  payer,  and  payer  anonymity  prevents  even  the  payee  from  identifying  the 
payer. 

It  is  possible  to  minimize  this  damage  by  limiting  the  number  of  coins  affected  by 
a  single  compromise.  This  could  be  done  by  changing  the  Bank's  public  key  at  designated 
time  intervals,  or  when  the  total  value  of  coins  issued  by  a  single  key  exceeds  a  designated 
limit.  However,  this  kind  of  compartmentation  reduces  the  anonymity  by  shrinking  the 
pool  of  withdrawals  that  could  correspond  to  a  pEtrticulcir  deposit  and  vice  versa. 

§5.4  Restoring  Traceability 

The  anonymity  properties  of  electronic  cash  pose  several  law  enforcement  problems 
because  they  prevent  withdrawals  and  deposits  from  being  linked  to  each  other.  We  ex- 
plained in  the  previous  section  how  this  prevents  detection  of  forged  coins.  Anonymity 
also  malces  it  difficult  to  detect  money  laundering  and  tax  evasion  because  there  is  no  way 
to  Unk  the  payer  and  payee.  Finally,  electronic  cash  paves  the  way  for  new  versions  of  old 
crimes  such  as  kidnapping  and  blackmail  (see  [13])  where  money  drops  can  now  be  carried 
out  scifely  from  the  criminal's  home  computer.''^ 

One  way  to  minimize  these  concerns  is  to  require  large  transactions  or  large  numbers 
of  transactions  in  a  given  time  period  to  be  traceable.  This  would  make  it  more  difficult 
to  commit  crimes  involving  large  sums  of  cash.  However,  even  a  strict  limit  such  as  a 
maximum  of  $100  a  day  on  withdrawals  and  deposits  can  add  up  quickly,  especially  if  one 
can  open  several  accounts  that  each  have  their  own  limit.  Also,  limiting  the  amount  spent 
in  a  given  time  period  would  have  to  rely  on  a  tamper-resistant  device. 


'^We  will  avoid  discussing  such  crimes  against  individuals,  concentrating  instead  on  crimes  against 
the  Government,  the  banking  system,  and  the  national  economy. 
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Another  way  to  minimize  these  concerns  is  to  provide  a  mechanism  to  restore  trace- 
abiUty  under  certain  conditions,  such  as  a  court  order.  TraceabiUty  can  be  separated  into 
two  types  by  its  direction.  Forward  traceability  is  the  abiHty  to  identify  a  deposit  record 
(and  hence  the  payee),  given  a  withdrawal  record  (and  hence  the  identity  of  the  payer). 
In  other  words,  if  a  search  waxrant  is  obtained  for  Alice,  forward  tracing  will  reveal  where 
Alice  has  spent  her  cash.  Backward  traceability  is  the  abihty  to  identify  a  withdrawal 
record  (and  hence  the  payer),  given  a  deposit  record  (and  hence  the  identity  of  the  payee). 
Backward  tracing  will  reveal  who  Ahce  has  been  receiving  payments  from. 

A  solution  that  conditionally  restores  both  forward  and  backward  traceabihty  into 
the  cut-and-choose  scheme  is  presented  by  Stadler,  Piveteau,  Eind  Camenisch  in  [14].  In 
the  basic  cut-and  choose  scheme,  an  identifying  nimiber  is  associated  with  each  withdrawal 
record  and  a  different  identifying  number  is  associated  with  each  deposit  record,  although 
there  is  no  way  to  link  these  two  records  to  each  other.  To  provide  a  mechanism  for 
restoring  backward  traceability,  the  withdrawal  number  (along  with  some  other  data  which 
cannot  be  associated  with  the  withdrawal)  is  encrypted  with  a  commonly  trusted  entity's 
public  key  and  incorporated  into  the  coin  itself.  This  encrypted  withdrawal  number  is 
passed  to  the  payee  a.s  part  of  the  payment  protocol,  and  then  will  be  passed  along  to 
the  bank  when  the  coin  is  deposited  by  the  payee.  The  payer  performs  the  encryption 
during  the  withdrawal  transaction,  but  the  bank  can  insure  that  the  encryption  was  done 
properly.  If  the  required  conditions  for  tracing  axe  met,  the  payment  or  deposit  can  be 
turned  over  to  the  trusted  entity  holding  the  secret  key  to  decrypt  the  withdrawal  number. 
This  withdrawal  number  will  allow  the  bank  to  access  its  withdrawal  records,  identifying 
the  payer. 

To  provide  a  mechanism  for  restoring  forward  traceability,  the  payer  must  commit 
to  a  deposit  number  at  the  time  that  the  coin  is  withdrawn.  The  payer  encrypts  this 
deposit  number  with  a  commonly  trusted  entity's  public  key  (along  with  some  other  data 
that  cannot  be  associated  with  the  deposit)  and  must  send  this  value  to  the  bank  as  part 
of  the  withdrawal  protocol.  The  bank  is  able  to  determine  that  the  payer  has  not  cheated, 
although  it  only  sees  the  deposit  number  in  encrypted  form.  If  the  required  conditions  for 
tracing  are  met,  the  withdrawal  record  can  be  turned  over  to  the  trusted  entity  holding 
the  secret  key  to  decrypt  the  deposit  number.  The  bank  can  use  this  deposit  number  to 
identify  the  depositor  (the  payee). 

Stadler  et  al.  have  shown  that  it  is  possible  to  provide  a  mechanism  for  restoring 
traceability  in  either  or  both  directions.  This  can  be  used  to  provide  users  with  anonymity, 
while  solving  many  of  the  law  enforcement  problems  that  exist  in  a  totally  untraceable 
system.  The  ability  to  trace  transactions  in  either  direction  can  help  law  enforcement 
officials  catch  tax  evaders  and  money  launderers  by  revealing  who  has  paid  or  has  been 
paid  by  the  suspected  criminal.  Electronic  blackmailers  can  be  caught  because  the  deposit 
numbers  of  the  victim's  ill-gotten  coins  could  be  decrypted,  identifying  the  blackmailer 
when  the  money  is  deposited. 
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The  ability  to  restore  traceability  does  not  solve  one  very  important  law  enforcement 
problem:  detecting  forged  coins.  Backwards  tracing  will  help  identify  a  forged  coin  if  a 
pairticulax  payment  or  deposit  (or  depositor)  is  under  suspicion.  In  that  case,  backwards 
tracing  will  reveal  the  withdrawal  niunber,  allowing  the  originating  bajik  to  locate  its 
withdrawal  record  emd  verify  the  validity  of  the  coin.  However,  if  a  forged  coin  maJces 
its  way  into  the  system  it  may  not  be  detected  until  the  bank  whose  money  is  being 
counterfeited  realizes  that  the  total  value  of  its  electronic  cash  deposits  using  a  particular 
key  exceeds  the  values  of  its  withdrawals.  The  only  way  to  determine  which  deposits  are 
genuine  and  which  are  forged  would  require  obtaining  permission  to  decrypt  the  withdrawal 
numbers  for  each  and  every  deposit  of  electronic  CEish  using  the  compromised  key.  This 
would  violate  the  privacy  that  anonymous  cash  was  designed  to  protect. 

Unfortunately,  the  scheme  of  [14]  is  not  efficient  because  it  is  bzised  on  the  bulky 
cut-and-choose  method.  However,  it  may  be  possible  to  apply  similar  ideas  to  restore 
traceabihty  in  a  more  efficient  electronic  cash  scheme. 
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Conclusion 

This  report  has  described  several  innovative  payment  schemes  which  provide  user 
anonymity  and  payment  imtraceabiHty.  These  electronic  cash  schemes  have  cryptographic 
mechajiisms  in  place  to  address  the  problems  of  multiple  spending  and  token  forgery. 
However,  some  serious  concerns  about  the  abihty  of  aji  electronic  cash  system  to  recover 
from  a  security  failure  have  been  identified.  Concerns  about  the  impact  of  anonymity  on 
money  laundering  and  tax  evasion  have  also  been  discussed. 

Because  it  is  simple  to  malce  an  exact  copy  of  asi.  electronic  coin,  a  secure  electronic 
cash  system  must  have  a  way  to  protect  against  multiple  spending.  If  the  system  is 
implemented  on-hne,  then  multiple  spending  can  be  prevented  by  maintaining  a  database 
of  spent  coins  and  checking  this  list  with  each  payment.  If  the  system  is  implemented 
off-line,  then  there  is  no  way  to  prevent  multiple  spending  cryptographically,  but  it  can 
be  detected  when  the  coins  are  deposited.  Detection  of  multiple  spending  after-the-fact 
is  only  useful  if  the  identity  of  the  offender  is  revealed.  Cryptographic  solutions  have 
been  proposed  that  will  reveal  the  identity  of  the  multiple  spender  while  preserving  user 
anonymity  otherwise. 

Token  forgery  can  be  prevented  in  an  electronic  cash  system  as  long  as  the  cryp- 
tography is  sound  and  securely  implemented,  the  secret  keys  used  to  sign  coins  are  not 
compromised,  and  integrity  is  maintained  on  the  pubhc  keys.  However,  if  there  is  a  secu- 
rity flaw  or  a  key  compromise,  the  anonymity  of  electronic  cash  will  delay  detection  of  the 
problem.  Even  after  the  existence  of  a  compromise  is  detected,  the  Bank  will  not  be  able 
to  distinguish  its  own  valid  coins  from  forged  ones.  Since  there  is  no  way  to  guarantee  that 
the  Bank's  secret  keys  will  never  be  compromised,  it  is  important  to  hmit  the  damage  that 
a  compromise  could  inflict.  This  could  be  done  by  limiting  the  total  vcilue  of  coins  issued 
with  a  particular  key,  but  lowering  these  limits  also  reduces  the  anonymity  of  the  system 
since  there  is  a  smaller  pool  of  coins  cissociated  with  each  key. 

The  untraceability  property  of  electronic  cash  creates  problems  in  detecting  money 
laundering  and  tax  evasion  because  there  is  no  way  to  link  the  payer  and  payee.  To  counter 
this  problem,  it  is  possible  to  design  a  system  that  hcis  an  option  to  restore  traceabiUty 
using  an  escrow  mechanism.  If  certain  conditions  axe  met  (such  as  a  court  order),  a  deposit 
or  withdrawal  record  can  be  tiurned  over  to  a  commonly  trusted  entity  who  holds  a  key 
that  can  decrypt  information  connecting  the  deposit  to  a  withdrawal  or  vice  versa.  This 
will  identify  the  payer  or  payee  in  a  particular  transaction.  However,  this  is  not  a  solution 
to  the  token  forgery  problem  because  there  may  be  no  way  to  know  which  deposits  are 
suspect.  In  that  case,  identifying  forged  coins  would  require  turning  over  all  of  the  Bank's 
deposit  records  to  the  trusted  entity  to  have  the  withdrawal  numbers  decrypted. 

We  have  also  looked  at  two  optional  features  of  off-line  electronic  cash:  transferabil- 
ity and  divisibility.  Because  the  size  of  an  electronic  coin  must  grow  with  each  transfer,  the 
number  of  transfers  allowed  per  coin  must  be  limited.  Also,  allowing  transfers  magnifies 
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the  problems  of  detecting  counterfeit  coins,  money  laimdering,  and  tax  evasion.  Coins  can 
be  made  divisible  without  losing  ciny  security  or  einonymity  features,  but  at  the  expense 
of  additional  memory  requirements  and  transaction  time. 

In  conclusion,  the  potential  risks  in  electronic  commerce  are  magnified  when  anon- 
ymity is  present.  Anonymity  creates  the  potential  for  large  smns  of  counterfeit  money 
to  go  undetected  by  preventing  identification  of  forged  coins.  Anonymity  also  provides  aja 
avenue  for  laundering  money  and  evading  taxes  that  is  difficult  to  combat  without  resorting 
to  escrow  mechanisms.  Anonymity  can  be  provided  at  varying  levels,  but  increasing  the 
level  of  anonymity  also  increases  the  potentieJ  damages.  It  is  necessciry  to  weigh  the  need 
for  anonymity  with  these  concerns.  It  may  well  be  concluded  that  these  problems  axe 
best  avoided  by  using  a  secure  electronic  payment  system  that  provides  privacy,  but  not 
anonymity. 
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